Monday, December 6, 2021

Abusing Windows Server Update Services (WSUS) to Enable NTLM Relaying Attacks

GoSecure Investigates Abusing Windows Server Update Services (WSUS) to Enable NTLM Relaying Attacks

In part three of a series, GoSecure ethical hackers have found another way to exploit insecure Windows Server Update Services (WSUS) configurations. By taking advantage of the authentication provided by the Windows update client and relaying it to other domain services, we found this can lead to remote code execution. In this blog, we’ll share our findings and recommend mitigations.

WSUS Part 3:…

Read More

Latest news
Related news