Microsoft Here S How To Defend Windows Against These New Privilege Escalation Attacks
Microsoft has responded to the April release of KrbRelayUp, a tool that streamlines several earlier public tools to escalate privileges from a low-privileged Windows domain user to a high-privileged domain user by joining unauthorized devices to Active Directory (AD), Microsoft’s on-premise authentication and identity service. The tools rely on resource-based constrained delegation (RBCD), a legitimate method in Windows that enables an attacker to “impersonate an administrator and eventually run a code as the SYSTEM account of a compromised device”, according to Microsoft....