Microsoft released a patch for a known vulnerability that has been “under the radar”. It is potentially very dangerous for those who are not aware of it, and it is highly recommended to update Windows. If you’re using Windows 365, you can find the link below.
The Windows security patch released last week by Microsoft was not all that it was cracked up to be. The update fixed a vulnerability caused by the Windows Error Reporting (WER) process. When a user launched WER, they received a pop-up window asking them to grant the program permission to view system resources such as their personal information and files. Once the user clicked on the pop-up, the program was granted permission to view this information. A user who was tricked into granting this permission would be giving the program access to their Azure Active Directory credentials, which other programs could use to log into the user’s Azure Active Directory account and steal their identity.
Microsoft has patched a serious vulnerability in WebClient built into Windows Server 2008 and Windows Server 2012 that allows attackers to easily steal your Azure Active Directory credentials.
- Another flaw in a Microsoft product may enable a hostile third party to get information from users of Windows 365.
- Using Mimikatz, a researcher found a method to leak users’ unencrypted plaintext Microsoft Azure credentials.
- Hackers may use such tools to move laterally across a network until they gain control of a Windows domain controller.
- These credential dumps are being carried out by exploiting a vulnerability identified in May 2021.
When it comes to dealing with vulnerabilities and the ongoing exploitation of some of them, Microsoft can’t seem to catch a break.
Aside from the never-ending PrintNightmare tale, there’s now a major vulnerability impacting Microsoft’s new cloud PC service, Windows 365.
This unforeseen flaw may enable a hostile third party to steal the Azure credentials of Windows 365 users.
This vulnerability in Windows 365 may result in data breaches.
Mimikatz was used by a vulnerability researcher to leak people’s unencrypted plaintext Microsoft Azure credentials from Microsoft’s new Windows 365 Cloud PC service.
Mimikatz is an open-source cybersecurity tool developed by Benjamin Delpy that allows researchers to test different credential theft and impersonation vulnerabilities.
A portion of the statement on this project’s GitHub page alluded to the ease with which such tools might be used to retrieve sensitive information.
It’s well known that plaintext passwords, hashes, PIN codes, and Kerberos tickets may be extracted from memory. In addition, mimikatz can conduct pass-the-hash, pass-the-ticket, create Golden tickets, play with certificates or private keys, vault, and so on. Make some coffee, perhaps?
Originally designed for researchers, it is now used by hackers to leak plaintext passwords from the LSASS process’ memory or conduct pass-the-hash attacks utilizing NTLM hashes, thanks to the strength of its numerous modules.
Malicious actors may use this effective technique to move laterally across a network until they gain control of a Windows domain controller.
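Reads of LSASS memory like the ones described above show up in process-access telemetry. The following is an added example, not part of the original article: it flags events in which a non-allowlisted process opens lsass.exe with the memory-read access right. It assumes Sysmon Event ID 10 style field names; the sample records, the pipe-separated layout and the allowlist are constructed for illustration.

```python
# Added example: flag processes that open lsass.exe with memory-read rights.
# Field names follow Sysmon Event ID 10 (ProcessAccess). The records and the
# allowlist are constructed for illustration, not taken from a real host.

PROCESS_VM_READ = 0x0010  # Windows access right required to read process memory

# Assumption: software expected to read LSASS in this environment.
ALLOWED_SOURCES = {
    r"c:\program files\windows defender\msmpeng.exe",
}

# Constructed sample records, one event per line, fields separated by "|".
SAMPLE_EVENTS = r"""
SourceImage=C:\Windows\System32\svchost.exe|TargetImage=C:\Windows\System32\lsass.exe|GrantedAccess=0x1000
SourceImage=C:\Users\alice\Downloads\tool.exe|TargetImage=C:\Windows\System32\lsass.exe|GrantedAccess=0x1010
SourceImage=C:\Program Files\Windows Defender\MsMpEng.exe|TargetImage=C:\Windows\System32\lsass.exe|GrantedAccess=0x1410
SourceImage=C:\Temp\updater.exe|TargetImage=C:\Windows\System32\notepad.exe|GrantedAccess=0x1FFFFF
SourceImage=C:\Temp\updater.exe|TargetImage=C:\Windows\System32\lsass.exe|GrantedAccess=0x1FFFFF
"""


def parse_event(line):
    """Turn 'Key=Value|Key=Value' into a dict."""
    return dict(field.split("=", 1) for field in line.split("|") if "=" in field)


def is_suspicious(event):
    """True when a non-allowlisted process can read LSASS memory."""
    target = event.get("TargetImage", "").lower()
    source = event.get("SourceImage", "").lower()
    try:
        access = int(event.get("GrantedAccess", "0"), 16)
    except ValueError:
        return False  # malformed access mask: skip rather than crash
    return (
        target.endswith("\\lsass.exe")
        and bool(access & PROCESS_VM_READ)
        and source not in ALLOWED_SOURCES
    )


def detect(log_text):
    """Return (SourceImage, GrantedAccess) for every suspicious event."""
    events = (parse_event(l) for l in log_text.splitlines() if l.strip())
    return [(e.get("SourceImage", "?"), e.get("GrantedAccess", "?"))
            for e in events if is_suspicious(e)]


if __name__ == "__main__":
    for source, access in detect(SAMPLE_EVENTS):
        print(f"ALERT: {source} opened lsass.exe with access {access}")
```
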
Let’s just assume that the majority of individuals won’t be at risk, provided they don’t share PC admin rights with anybody they don’t know.
However, given the high number of individuals who fall prey to phishing scams that end with them handing control of their computer to an unknown attacker, such compromises are not unusual.
Once attackers have gained access, they can remotely execute apps and programs on your computer, and they can simply use the software to steal your Azure credentials via Windows 365.
Because Windows 365 is geared toward businesses and enterprises, you can understand how serious credential theft might be.
These credential dumps are made possible by a vulnerability the researcher found in May 2021, which enables him to leak plaintext credentials for Terminal Server users.
Normally, technologies like Windows Defender Remote Credential Guard would protect users from this vulnerability, but such safeguards aren’t available in Windows 365 yet, leaving it susceptible.
Remember to do all you can to keep your passwords and other important information safe by not sharing them and only downloading from trusted websites.