|
|
|
|
|
|
by cookiengineer
562 days ago
|
|
|
Your definition of "fixed" seems to be different than mine. Can't fix a broken architecture if Microsoft is not willing to replace it while also deprecating the old ways. If you want to move the goal post to "my computer is connected to the internet, so it's my fault" then sure, whatever. I still think that Microsoft didn't fix the issues at hand, and kerberoast problems and NTLM problems alone are beyond human knowability. That's why they are so feasible as an attack surface, especially on Azure with its cross-tenant problems, which kind of implies that Microsoft themselves cannot manage NTLM correctly. I'll just leave this here, a month old (Oct 2024) because you seem to critize my old examples [1]. You can also google for "malware NTLM relay attack" and you'll find plenty of other examples. PS: I also want to add that I won't collect 100s of CVEs for some random person online. I got better things to do than to convince people to ditch Windows. If you want a dossier and analysis, pay us and we'll make a contract for it. If you want a better vulnerability database, we'll have that available as a product :) [1] https://www.bleepingcomputer.com/news/security/exploit-relea... |
|
|