Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Re: Flaw in Microsoft Domain Account CachingAllows Local Workstation Admins to Temporarily EscalatePrivileges and Login as Cached Domain Admin Accounts (2010-M$-002)
Dec 10 2010 10:11PM
Stefan Kanthak (stefan kanthak nexgo de)
"George Carlson" <gcarlson (at) vccs (dot) edu [email concealed]> wrote:
> Your objections are mostly true in a normal sense.
And in abnormal sense?
> However, it is not true when Group Policy is taken into account.
Group Policies need an AD. Cached credentials are only used locally,
for domain accounts, when the computer c...
[ more ]
Copyright 2010, SecurityFocus