Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Devastating flaw in Windows


  • Please log in to reply
5 replies to this topic

#1 OldPhil

OldPhil

    Doppleganger


  • Members
  • 4,240 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Long Island New York
  • Local time:10:36 AM

Posted 17 December 2015 - 12:55 PM

Not sure if this the best place for this but sure needs to be looked into!

 

http://community.spiceworks.com/topic/1343923-devastating-flaw-found-in-windows-authentication-system?utm_campaign=digest&utm_medium=email&utm_source=digest&utme=topic+featured


Honesty & Integrity Above All!


BC AdBot (Login to Remove)

 


#2 PhotoAce

PhotoAce

  • Members
  • 165 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Zealand
  • Local time:04:36 AM

Posted 17 December 2015 - 02:11 PM

You left off the quote marks around "devastating", and the question mark at the end of the sentence. Then there's this comment on the article:

 

"There is nothing new in that blog post. All the author has done is gather information from other sources (linked at the bottom of his post) and put it together in a nice article. It's El Reg that's tossing around words like "devastating". In fact, dfirblog goes into great detail about how the attack works and - more to the point - how to detect it on your network. 

Changing KEBTGT's password is trivial using the provided script, which, incidentally, was published in February. Honestly: Should we be that surprised to find that a Bad Guy that's gained access to a network can do Bad Things? 

C'mon, kids. Read the articles before crying foul. We're supposed to be better than that."

 

 



#3 OldPhil

OldPhil

    Doppleganger

  • Topic Starter

  • Members
  • 4,240 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Long Island New York
  • Local time:10:36 AM

Posted 17 December 2015 - 03:05 PM

Good call, I did see it was a rerun but some this stuff needs to be bumped for those that missed it.


Honesty & Integrity Above All!


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,944 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:36 AM

Posted 17 December 2015 - 03:11 PM

The original full article referenced by G.D. Williams (Spiceworks) is at The Register is here.
 

Posted on December 13, 2015 by dfirblog

MEDIA NOTE: This is not a new flaw, just a good write-up! I don’t know why media reporting this as a new flaw.

Protecting Windows Networks - Kerbero Attacks


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 OldPhil

OldPhil

    Doppleganger

  • Topic Starter

  • Members
  • 4,240 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Long Island New York
  • Local time:10:36 AM

Posted 17 December 2015 - 03:17 PM

Ooops caught me reading the same place!


Honesty & Integrity Above All!


#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,944 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:36 AM

Posted 17 December 2015 - 03:27 PM

That's what detectives are trained to do. :whistle:
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users