Vulnerability

Windows LSA Spoofing Vulnerability

This blog contains information about the Windows LSA Spoofing vulnerability. As soon as we have an update, we’ll add it to this post. More information about possible risks and details can be found at the bottom of this blog.

Clip path group@2x

T-Update

Information about vulnerabilities

This blog contains information about the Windows LSA Spoofing vulnerability. As soon as we have an update, we’ll add it to this post. More information about possible risks and details can be found at the bottom of this blog.

Update August 13, 2021

12:00 | Earlier this week, Microsoft patched a number of vulnerabilities during their regular Patch Tuesday. Among others, the PetitPotam NTLM Relay vulnerability was resolved.

For CVE-2021-36942 (Windows LSA Spoofing Vulnerability), which can be combined with PetitPotam, the likelihood/impact has today been scaled up by the Dutch NCSC from medium/high to high/high. The change in rating is related to proof of concept code that is now available.

We recommend installing the latest updates from Microsoft, paying specific attention to Domain Controllers.

Customized cyber security

Background

The following CVE reference belongs to this vulnerability. CVE-2021-36942

Risk

According to Microsoft and the NCSC, this vulnerability can lead to the following:

  • Privilege Escalation
  • Remote Code Execution
  • Access to sensitive data

Advice

Sources

Learn more about the Windows LSA Spoofing vulnerability on these external sources:

NCSC advice

Microsoft

Ellipse 6

Sign up to receive T-Updates

Receive the latest vulnerabilities in your email every Wednesday

More than 1,000 organisations have already joined us.

Tesorion gebruikt jouw gegevens voor het versturen van de gevraagde informatie. Daarnaast worden je gegevens mogelijk gebruikt voor commerciële opvolging. Je kunt je op elk gewenst moment hiervoor afmelden via de link in de e-mail. Lees voor meer informatie ons privacybeleid.

Ellipse 6