New Windows Vulnerability... not good

not even remotely funny

thanks OP.

dammit!! this is going to suck.

Cliff notes please!

1 star 4 u!

Explain like I'm 5 please.

Use Linux.

I don't think anyone on here is running Windows enterprise for their os.

That would be more retarded than normal windows.

"Attackers can launch this attack using the KrbRelayUp tool developed by security researcher Mor Davidovich as an open-source wrapper for Rubeus, KrbRelay, SCMUACBypass, PowerMad/SharpMad, Whisker, and ADCSPwn privilege escalation tools."

So this guy is called a "security researcher" and publishes a tool designed to facilitate attacks on systems?

I could never understand this kind of s**t. Why make matters worse by telling people at large how exactly to make the attack and providing the tools to do it?

not an issue for non enterprise users.

Knowing MS, they are behind this to get all corps to move all AD to Azure. All your corps are belong to us.

because it allows microsoft to make a fix. keeping it secret wouldn't do that.

Must be an Mac user - they are typically liberal arrogant a-holz.

Pretty much this - I have no sympathy for what happens to any org using M$ products still. Stupid costs money.

Doctors publishing books on surgery are not serial killers, jerk.

Create the tools and the attackers. Then charge people to protect them from those creations.

:mccoy:

Very poor comparison. I hope that you can do better.

I got an "attack" last week, when I clicked on a u-tube link... it locked up my desk top PC, and gave me a number (Microsoft) to call to fix the problem without causing permanent damage ... I demanded some ID when they insisted that I download a "viritual link" to their web-site - and they showed me the rep I was talking to, Microsoft ID with picture ... and I did down load the apt - and they did restore windows immediately ... but as soon as I got back on-line and the call was ended, I removed the app and the program from my system

so many crooks ... so many trusting individuals

O&O ShutUP++

If you have to use windows use this software^

Your Welcome

They always do this, I'm a system network administrator and manage Windows & Linux servers and I cannot for the life of me understand all these "security experts"

They are IDIOTS. They use all their grey matter to process logic information, then they defy all "human logic" and post their findings out in the open WITHOUT SENDING this information to the appropriate companies so they can device a fix, BEFORE MAKING IT PUBLIC.

This is not only happening on Windows, it is happening on Linux too, FYI.

These "security expert idiots" are responsible for all the issues we are having with their reckless behavior.

We had security holes for years on Windows & Linux without anyone even noticing and then one of these idiots not only explains how to the issue occurs, they goes the extra mile and explain HOW TO EXPLOIT the OS and then they device a tool and release it out in the open, amazing.

They should not be commended for their behavior. The best example of this in software vs real life is:

Like finding a fatal flaw in a hardware store and letting everyone know how to enter the facilities and provide a tool to do it and let the owner know. But since the owner is not quick enough to implement it, because the imbecile that found the fatal flaw sent the information out in the open, the store DOES get robbed and the idiot that found the fatal flaw is then commended for finding it while the owner wants to kill him for all the loss.

The only thing I could think of about their behavior is that they do it for recognition, so everyone talks about them but it is BAD and there is no other way to put it.

I will say it again: IDIOTS

Last Edited by tecnogaming on 05/28/2022 02:34 PM

Please.... Gates has now moved onto human virus's

You can tell people that there is a security hole and provide the needed patch without publishing the tools that facilitate the attack.

obviously, going by history and the number of holes... you can't.

Yep! The fact that someone is an expert in some particular field does not prevent them from being idiots in general

I'm a liberal a-hole (check my karma) and I hate macs. I have to use one for work and I want to break it.

That's like saying,

This person calls themselves a researcher and investigative reporter and then publishes actual documents and pictures and video of heinous acts.. Unbelievable!

Privilege escalation. It's been an ongoing battle for decades, 95% of MS's "security updates" deal with privilege escalation vulnerabilities.

A hacker still has to gain access to the system before the exploit can be used.

You want all the dirt on the politicians and pedogate criminals spilled into the public domain (yes, please) but not this!! Because the horror of it! Our computers!


Hypocrites.