We Patched CVE-2023-28244 Before Anyone - Including Us - Even Knew It Existed | allinfosecnews.com

Nov. 16, 2023, 6 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

How Our Patch For CVE-2022-33647 Fixed CVE-2023-28244 Five Months In Advance

By Blaz Satler of 0patch Team

The Initial Vulnerability - CVE-2022-33647

In September 2022, Microsoft released patches for CVE-2022-33647, a Kerberos vulnerability that allows a MITM (Man-In-The-Middle) attacker to hijack a user's Kerberos ticket and achieve domain privilege escalation. James Forshaw of Google Project Zero was attributed with the discovery of this issue, and shortly after the issue was fixed also published a writeup on the official Project …

0patch attacker cve domain hijack kerberos man-in-the-middle microsoft mitm patch patches september ticket vulnerability

More from malware.news / Malware Analysis, News and Indicators - Latest topics

IBM security advisory (AV23-751) an hour ago | malware.news

advisory article canadian canadian centre for cyber security +8

Ubuntu security advisory (AV23-750) an hour ago | malware.news

advisory article canadian canadian centre for cyber security +7

Apple Patches Everything, (Mon, Dec 11th) an hour ago | malware.news

apple current dec exploited +10

How the FBI plans to handle 4-day breach disclosure exemption requests 2 hours ago | malware.news

article attacks breach breach disclosure +18

CVE-2023-36553: Critical OS Command Injection Vulnerability in FortiSIEM 3 hours ago | malware.news

actor advisory command command injection +19

New Microsoft Incident Response team guide shares best practices for security teams and leaders 3 hours ago | malware.news

best practices complexity coordinated cyberthreat +25

Six of the most popular Android password managers are leaking data 4 hours ago | malware.news

android article data find +13

Cyber attacks during the holidays: Tips and Trends 4 hours ago | malware.news

attacks black friday blog campaigns +21

IT Pro Tuesday #281 4 hours ago | malware.news

back critical critical vulnerabilities current +22

Security Specialist

@ Protect Democracy | Remote, US

View on infosec-jobs.com

Experienced Security Compliance - HITRUST

@ Gainwell Technologies | Any city, TX, US, 99999

View on infosec-jobs.com

24 x 7 Security Analyst

@ LRQA | Birmingham, GB, B37 7ES

View on infosec-jobs.com

Associate Information Security Governance - #catalystWSP

@ Singtel | Singapore, Singapore

View on infosec-jobs.com

Security Consulting and Risk Officer

@ Metrobank | Taguig, Philippines

View on infosec-jobs.com

Security Threat Analyst

@ Metrobank | Taguig, Philippines

View on infosec-jobs.com