
Windows Security Update Patches PetitPotam Vulnerability

PetitPotam Vulnerability

Microsoft also released a security update as part of Patch Day that closes the PetitPotam vulnerability that became known in July. The vulnerability affects Windows domain controllers and other Windows servers.

A research team from France demonstrated the domain controller's susceptibility in July with a proof-of-concept. The technique is a so-called NTLM relay attack, which they named PetitPotam. Threat actors who exploit the vulnerability can take over a domain controller and, because they can then execute arbitrary commands, effectively take over the entire Windows domain. Windows Server versions from 2008 to 2019 are affected.

Microsoft blocks PetitPotam vector

NTLM is a protocol that Microsoft introduced around 30 years ago. Although it has long been known to have numerous design problems and therefore security weaknesses, it is still widely used. As part of the Patch Day updates for August 2021, Microsoft released a security update that blocks the PetitPotam vector (CVE-2021-36942) so that it can no longer be used to force a domain controller to authenticate to another server. Microsoft's explanation reads:

“An unauthenticated attacker could call a method on the LSARPC interface and force the domain controller to authenticate itself to another server with NTLM (CVE-2021-36942). This security update blocks the affected API calls OpenEncryptedFileRawA and OpenEncryptedFileRawW via the LSARPC interface.”

Microsoft warns that installing this update could affect backup software: “The EFS API OpenEncryptedFileRaw (A/W), which is widely used in backup software, continues to work in all versions of Windows (local and remote) except when backing up to or from a system with Windows Server 2008 SP2. OpenEncryptedFileRaw will no longer work on Windows Server 2008 SP2.”

According to Microsoft, the backup software vendors are working with the company on a solution and will release updates to their backup software as soon as possible.