Unpatched Active Directory Flaw Can Crash Any Microsoft Server

One of two critical Active Directory Domain Controller vulnerabilities patched by Microsoft last month goes beyond the original denial-of-service (DoS) attack chain and can be used to crash multiple, unpatched Windows servers at once. And experts are concerned many organizations remain vulnerable.

Researchers at SafeBreach have put together an analysis of the DoS bug, tracked as CVE-2024-49113. This vulnerability, along with a similar remote control execution (RCE) bug, tracked as CVE-2024-49112, with a CVSS score of 9.8, was discovered in Active Directory's Lightweight Directory Access Protocol (LDAP) used to search the databases. Both were patched in December's Microsoft security update.

Read more here.