2019, Authentication, LAN and Windows

Microsoft’s February 2024 Patch Tuesday Addresses 73 CVEs (CVE-2024-21351, CVE-2024-21412)

Tenable

FEBRUARY 13, 2024

Moderate CVE-2024-21351 | Windows SmartScreen Security Feature Bypass Vulnerability CVE-2024-21351 is a security feature bypass vulnerability in Windows SmartScreen. Since 2022, there have been five Windows SmartScreen vulnerabilities disclosed across Patch Tuesday. It was assigned a CVSSv3 score of 7.6 and is rated moderate.

LAN

LAN Windows Azure Internet

CVE-2020-1472: 'Zerologon' Vulnerability in Netlogon Could Allow Attackers to Hijack Windows Domain Controller

Tenable

SEPTEMBER 14, 2020

Security researchers reveal how the cryptographic authentication scheme in Netlogon can be exploited to take control of a Windows domain controller (DC). This disclosure follows a previous Netlogon related vulnerability, CVE-2019-1424 , which Secura detailed at the end of last year. Background. the maximum score.

Windows

Windows LAN Backup Authentication

Microsoft’s October 2023 Patch Tuesday Addresses 103 CVEs (CVE-2023-36563, CVE-2023-41763)

Tenable

OCTOBER 10, 2023

Successful exploitation could lead to the disclosure of New Technology LAN Manager (NTLM) hashes. Researcher Florian Hauser of Code White GmbH published a two-part blog series in September 2022 investigating Skype for Business 2019. However, this vulnerability is noted to have been publicly disclosed previously. and rated critical.

Windows

Windows Software Review Azure Systems Review

CTO Universe

Microsoft’s February 2024 Patch Tuesday Addresses 73 CVEs (CVE-2024-21351, CVE-2024-21412)

CVE-2020-1472: 'Zerologon' Vulnerability in Netlogon Could Allow Attackers to Hijack Windows Domain Controller

Microsoft’s October 2023 Patch Tuesday Addresses 103 CVEs (CVE-2023-36563, CVE-2023-41763)

Webinars

Stay Connected