Microsoft Netlogon: Potential Upcoming Impacts of CVE-2022-38023, (Sat, Apr 8th)

This post was originally published on this site

This has been brought to our attention by a reader (thank you, William!). The vulnerability %%cve:2022-38038%% affected the Microsoft Netlogon[1] procedure with an RPC escalation of privilege vulnerability. Microsoft provided a patch to fix it. It improves the Netlogon security by enforcing RPC sealing instead of signing off the communication with the Domain Controller. RPC sealing is a security measure that both signs and encrypts the messages sent over the wire by the Netlogon protocol. Microsoft released a knowledge base article[2] with more information about the technique used to fix the vulnerability.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.