Unpatched Systems Vulnerable to Spoofed Linked Certificates in KDC

Threat Level

Attack Report

For a detailed threat advisory, download the pdf file here

Summary

Windows Server provides Public Key Infrastructure (PKI) technology to enable capabilities such as Encrypting File System (EFS), domain authentication, digital signatures, and email security. Misconfigurations in Active Directory Certificate Services (AD CS) role services may expose them to cyber attacks such as privilege escalation, Golden Ticket Attacks, and AD Domain domination.