Urgent Windows Kerberos Security Feature Bypass Vulnerability CVE-2024-20674 patch
Heads up, if you are running a Windows network with Active Directory Domain Services (AD DS). Microsoft has released an urgent Windows Kerberos Security Feature Bypass patch.
The security flaw in Windows Kerberos is identified as CVE-2024-20674. It is a vulnerability in the authentication process that could be misused for impersonation purposes.
“An unauthenticated attacker could exploit this vulnerability by establishing a machine-in-the-middle (MITM) attack or other local network spoofing technique, then sending a malicious Kerberos message to the client victim machine to spoof itself as the Kerberos authentication server,” Redmond’s security response team said.
Also, Microsoft noted that for an attacker to successfully exploit this issue, they must first have access to the protected network before initiating the attack.
This Windows Kerberos vulnerability is critical, with a CVSS severity score of 9 out of 10.