ChrisJohn86
Well-known member
- Joined
- Apr 10, 2024
- Messages
- 76
- Reaction score
- 0
Microsoft has just fixed two serious flaws in the Kerberos PAC validation protocol, which contributed to a notable improvement in the security of the Windows operating system. The vulnerabilities, identified as CVE-2024-26248 and CVE-2024-29056, presented possible threats to the integrity of the system.
For those who don't know, Kerberos is a network authentication protocol designed to provide strong authentication for client/server applications in distributed computing environments.
Access token integrity is guaranteed by the Privilege Attribute Certificate (PAC) validation protocol, part of Kerberos. However, the flaws that have been found might jeopardize this integrity.
By making these vulnerabilities' fixes available, we’re seeing Microsoft significantly reduce possible threats and demonstrate its commitment to upholding a strong and safe Windows ecosystem. For more details, here we can find the support document for KB5037754.
For those who don't know, Kerberos is a network authentication protocol designed to provide strong authentication for client/server applications in distributed computing environments.
Access token integrity is guaranteed by the Privilege Attribute Certificate (PAC) validation protocol, part of Kerberos. However, the flaws that have been found might jeopardize this integrity.
By making these vulnerabilities' fixes available, we’re seeing Microsoft significantly reduce possible threats and demonstrate its commitment to upholding a strong and safe Windows ecosystem. For more details, here we can find the support document for KB5037754.