BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Re: Flaw in Microsoft Domain Account CachingAllows Local Workstation Admins to Temporarily EscalatePrivileges and Login as Cached Domain Admin Accounts (2010-M$-002) Dec 10 2010 10:11PM
Stefan Kanthak (stefan kanthak nexgo de)
"George Carlson" <gcarlson (at) vccs (dot) edu [email concealed]> wrote:

> Your objections are mostly true in a normal sense.

And in abnormal sense?

> However, it is not true when Group Policy is taken into account.

Group Policies need an AD. Cached credentials are only used locally,
for domain accounts, when the computer c...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus