Microsoft NetLogon CVE-2019-1424 Security Feature Bypass Vulnerability

description-logoDescription

A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability could downgrade aspects of the connection allowing for further modification of the transmission. To exploit the vulnerability, an attacker would require an active man in the middle attack to be in place for the targeted traffic. The update addresses the vulnerability by modifying how Netlogon handles these connections, accounting for potential attack through a man in the middle.

affected-products-logoAffected Applications

Windows RT 8.1
Windows Server version 1903 (Server Core installation)
Windows Server 2016
Windows Server version 1803 (Server Core Installation)
Windows Server 2012
Windows 8
Windows 7
Windows 10
Windows Server 2008
Windows Server 2019

CVE References

CVE-2019-1424