Cybersecurity

1 readers

34 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Rules

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

founded 2 years ago

MODERATORS

[email protected]

All Windows Workstation and Server versions from 7 to the latest 11 v24H2 and Server 2022 are affected by a zero-day vulnerability. (fedia.io)

submitted 2 weeks ago by [email protected] to c/[email protected]

4 comments fedilink hide all child comments

All Windows Workstation and Server versions from 7 to the latest 11 v24H2 and Server 2022 are affected by a zero-day vulnerability.

#cybersecurity #Windows #vulnerability #CyberAttack #infosec

https://cnews.link/windows-zero-day-attackers-can-steal-ntlm-credentials-1/

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 4 points 2 weeks ago (1 children)

That's a big hill to climb.

Enterprise will always upgrade as usual. Besides, those are all domain based systems if my memory is right, NTLM is only used for local accounts.

Even SMB runs a domain - it's just easier to manage access control.

This issue just pushes me to setup a domain for home use.

[–] [email protected] 2 points 2 weeks ago

NTLM is enabled in some domain based environments. I have to enable it for several service accounts used for connecting legacy appliances. If it "works" Goodluck getting the business to upgrade.