Kerberos Security Feature Bypass Vulnerability Affects Windows Users
CVE-2024-20674
Key Information:
- Vendor
- Microsoft
- Status
- Vendor
- CVE Published:
- 9 January 2024
Badges
Summary
The Windows Kerberos Security Feature Bypass vulnerability enables attackers to bypass critical security mechanisms within the Kerberos authentication protocol. This flaw can potentially lead to unauthorized access to sensitive system resources. Microsoft has recognized this vulnerability and is advocating for immediate remediation through system updates. Users and administrators are strongly advised to ensure that their systems are updated to mitigate the risks associated with this exposure.
Affected Version(s)
Windows 10 Version 1507 32-bit Systems 10.0.10240.0 < 10.0.10240.20402
Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.6614
Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.5329
News Articles
RunecastRunecast guidance on Microsoft’s Jan 2024 Patch Tuesday
Microsoft fixed 48 security flaws in its January 2024 Patch Tuesday, including one critical remote code execution vulnerability.
1 year ago
Help Net SecurityWeek in review: GitLab account takeover flaw, attackers exploiting Ivanti Connect Secure zero-days - Help Net Security
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Social engineer reveals effective tricks for real-world
1 year ago
Microsoft Security Update Summary (January 9, 2024)
[German]On January 9, 2024, Microsoft released security updates for Windows clients and servers, for Office and for other products. The security updates eliminate 48 vulnerabilities (CVEs), two of which are critical vulnerabilities. Below is a compact overview of these updates that were released on ...
1 year ago
References
CVSS V3.1
Timeline
- 👾
Exploit known to exist
- 📰
First article discovered by Tenable
Vulnerability published
Vulnerability Reserved