Microsoft fixes ancient Kerberos impersonation bug

4 months ago AndyC

Microsoft’s first Patch Tuesday of 2024 has landed with two bugs described as “critical” out of a total of 47 security fixes.

Microsoft fixes ancient Kerberos impersonation bug

Microsoft’s first Patch Tuesday of 2024 has landed with two bugs described as “critical” out of a total of 47 security fixes.




Microsoft fixes ancient Kerberos impersonation bug










The worst is CVE-2024-20674, which is present in Windows Server versions as far back as 2008, as well as Windows 10 and Windows 11.

It’s a Kerberos security feature bypass which Microsoft said allows an impersonation attack, and carries a CVSS score of 9.0.

“An unauthenticated attacker could exploit this vulnerability by establishing a machine-in-the-middle (MITM) attack or other local network spoofing technique, then sending a malicious Kerberos message to the client victim machine to spoof itself as the Kerberos authentication server,” the advisory explained.

CVE-2024-20700 is also described by Microsoft as critical, in spite of a CVSS score of 7.5.

It’s a remote code execution vulnerability in Windows Hyper-V. 

According to Microsoft’s advisory, the vulnerability would be difficult to exploit: the attacker would have to gain access to the restricted network that exposes the hypervisor, and would then need to “win a race condition”.

The bug is present in Windows 10, Windows 11, Microsoft Server 2019, and Server 2022, in a variety of builds and architectures.

The full list of patches is here.



About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , ,

More Stories

Too much of a good thing? How security sprawl can weaken defences

Too much of a good thing? How security sprawl can weaken defences

1 day ago AndyC
Kinsing malware exploits Apache Tomcat on Linux clouds

Kinsing malware exploits Apache Tomcat on Linux clouds

1 day ago AndyC
LogicMonitor launches LM Cost Optimisation tool for businesses

LogicMonitor launches LM Cost Optimisation tool for businesses

1 day ago AndyC
Organisations battle AI risks amid rise in supply chain attacks

Organisations battle AI risks amid rise in supply chain attacks

1 day ago AndyC
AUCloud Ramps Expands its Senior Leadership Team

AUCloud Ramps Expands its Senior Leadership Team

2 days ago AndyC
Cyberattacks exploiting trusted ties spanned over a month in 2023

Cyberattacks exploiting trusted ties spanned over a month in 2023

2 days ago AndyC

You may have missed

The who, where, and how of APT attacks – Week in security with Tony Anscombe

The who, where, and how of APT attacks – Week in security with Tony Anscombe

6 hours ago AndyC
Turla APT used two new backdoors to infiltrate a European ministry of foreign affairs

Turla APT used two new backdoors to infiltrate a European ministry of foreign affairs

15 hours ago AndyC

Friday Squid Blogging: Emotional Support Squid

15 hours ago AndyC

How to Protect Yourself on Social Networks

21 hours ago AndyC
Nissan reveals ransomware attack exposed 53,000 workers' social security numbers

Nissan reveals ransomware attack exposed 53,000 workers’ social security numbers

21 hours ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.