Microsoft Active Directory Domain Services CVE-2021-42278 Elevation of Privilege Vulnerability
Description
Microsoft Security Update to address the elevation of privilege vulnerability found in Windows Server version 20H2 (Server Core Installation), Windows Server 2022, Windows Server 2016, Windows Server 2012, Windows Server 2008, Windows Server version 2004 (Server Core installation), Windows Server 2019
Outbreak Alert
On November 9, Microsoft released a patch for several zero-day vulnerabilities related to Active Directory privilege escalation, 2 of which are of particular interest as they can lead to Windows Domain takeover when chained together.
Affected Applications
Windows Server version 20H2 (Server Core Installation)
Windows Server 2022
Windows Server 2016
Windows Server 2012
Windows Server 2008
Windows Server version 2004 (Server Core installation)
Windows Server 2019