Nov. 16, 2023, 6 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics

How Our Patch For CVE-2022-33647 Fixed CVE-2023-28244 Five Months In Advance

By Blaz Satler of 0patch Team

The Initial Vulnerability - CVE-2022-33647

In September 2022, Microsoft released patches for CVE-2022-33647, a Kerberos vulnerability that allows a MITM (Man-In-The-Middle) attacker to hijack a user's Kerberos ticket and achieve domain privilege escalation. James Forshaw of Google Project Zero was attributed with the discovery of this issue, and shortly after the issue was fixed also published a writeup on the official Project …

0patch attacker cve domain hijack kerberos man-in-the-middle microsoft mitm patch patches september ticket vulnerability

Security Specialist

@ Protect Democracy | Remote, US

Experienced Security Compliance - HITRUST

@ Gainwell Technologies | Any city, TX, US, 99999

24 x 7 Security Analyst

@ LRQA | Birmingham, GB, B37 7ES

Associate Information Security Governance - #catalystWSP

@ Singtel | Singapore, Singapore

Security Consulting and Risk Officer

@ Metrobank | Taguig, Philippines

Security Threat Analyst

@ Metrobank | Taguig, Philippines