Microsoft Windows Kerberos Security Feature Bypass Vulnerability

A security feature bypass vulnerability has been identified in Windows Kerberos, allowing an attacker to bypass Windows Defender Credential Guard. This could lead to the leakage of Kerberos credentials. The vulnerability affects multiple Windows versions, including Windows 10, Windows 11, Windows Server 2016, and Windows Server 2022. The issue arises from an insecure storage of sensitive information, which could be exploited to manipulate or access protected data or features.

Impact

Exploitation of this vulnerability could bypass Windows Defender Credential Guard, allowing for the unauthorized access or manipulation of Kerberos credentials.

Remediation

Users can apply the security updates provided by Microsoft to address this vulnerability. These security updates can be downloaded via the Microsoft Update Catalog. For those who deployed a policy to block the rollback of Virtualization-based Security (VBS) related security updates, it is necessary to redeploy using the updated policy.