CISA: Don’t install Windows Patch Tuesday updates for May on Domain Controllers


Windows logo against red circular shapes and a dark background

Microsoft patched a Windows Local Security Authority (LSA) spoofing vulnerability being tracked under CVE-2022-26925 with its latest Patch Tuesday updates. The high severity flaw enabled unauthenticated attackers to call a method anonymously and force the Domain Controller (DC) to authenticate them via NTLM. In the worst case, this could lead to elevation of privilege and an attacker taking control of your entire domain.

Read more…