{"id":132957,"date":"2021-12-23T21:23:40","date_gmt":"2021-12-24T05:23:40","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2021\/12\/two-active-directory-bugs-lead-to-easy-windows-domain-takeover"},"modified":"2021-12-23T21:23:40","modified_gmt":"2021-12-24T05:23:40","slug":"two-active-directory-bugs-lead-to-easy-windows-domain-takeover","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2021\/12\/two-active-directory-bugs-lead-to-easy-windows-domain-takeover","title":{"rendered":"Two Active Directory Bugs Lead to Easy Windows Domain Takeover"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/two-active-directory-bugs-lead-to-easy-windows-domain-takeover.jpg\"><\/a><\/p>\n<p>Microsoft is urging customers to patch two Active Directory domain controller bugs after a PoC tool was publicly released on Dec. 12.<\/p>\n<p>A proof-of-concept tool has been published that leverages two Windows Active Directory bugs fixed last month that, when chained, can allow easy Windows domain takeover.<\/p>\n<p>In a Monday <a href=\"https:\/\/techcommunity.microsoft.com\/t5\/security-compliance-and-identity\/sam-name-impersonation\/ba-p\/3042699\" target=\"_blank\" rel=\"noopener\">alert<\/a>, Microsoft urged organizations to immediately patch the pair of bugs, tracked as <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-42287\" target=\"_blank\" rel=\"noopener\">CVE-2021\u201342287<\/a> and <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-42278\" target=\"_blank\" rel=\"noopener\">CVE-2021\u201342278<\/a>, both of which were fixed in its <a href=\"https:\/\/threatpost.com\/microsoft-nov-patch-tuesday-fixes-six-zero-days-55-bugs\/176143\/\" target=\"_blank\" rel=\"noopener\">November 2021 Patch Tuesday<\/a> release.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft is urging customers to patch two Active Directory domain controller bugs after a PoC tool was publicly released on Dec. 12. A proof-of-concept tool has been published that leverages two Windows Active Directory bugs fixed last month that, when chained, can allow easy Windows domain takeover. In a Monday alert, Microsoft urged organizations to [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20],"tags":[],"class_list":["post-132957","post","type-post","status-publish","format-standard","hentry","category-futurism"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/132957","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=132957"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/132957\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=132957"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=132957"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=132957"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}