Endpoint Vulnerability

Microsoft: Kerberos SNAME Security Feature Bypass Vulnerability


A security feature bypass vulnerability exists in Microsoft Windows when Kerberos fails to prevent tampering with the SNAME field during ticket exchange. An attacker who successfully exploited this vulnerability could use it to bypass Extended Protection for Authentication.

Affected Products

Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016