Does anyone know if there has been anything done by Microsoft regarding the SID manipulation issue? This came up a year or two ago, and it basically meant that the domain was no longer the security boundary. As I recall, manipulation of a SID in one domain could be performed to obtain permissions on another domain within the same forest.
Is anyone aware if any patch, hotfix, service pack or whatever might have been issued to resolve this vulnerability? Are there any workarounds?
Another question is around SID filtering - is this an effective countermeasure? Or is it really impractical for very large domains with frequent changes?
Thanks for any help or info you might have on this....
Does anyone know if there has been anything done by Microsoft regarding the SID manipulation issue? This came up a year or two ago, and it basically meant that the domain was no longer the security boundary. As I recall, manipulation of a SID in one domain could be performed to obtain permissions on another domain within the same forest.
Is anyone aware if any patch, hotfix, service pack or whatever might have been issued to resolve this vulnerability? Are there any workarounds?
Another question is around SID filtering - is this an effective countermeasure? Or is it really impractical for very large domains with frequent changes?
Thanks for any help or info you might have on this....
Tim
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
[ reply ]