No Detections In The Wild, But …
Sysadmins who've left their DHCP settings for Active Directory at the defaults, which appears to be about 40% of them, are vulnerable to a quite nasty DHCP DNS spoofing attack. The researchers at Akamai who found this flaw were able to leverage it without needing any credentials at all, a quite worrying development. The report doesn't include the technical details on how to leverage the exploit, but those will probably be released soon, as Microsoft's response to Akamai was dismissive.
In principle it leverages the process by which a device that's given an IP address by the DHCP server can then contact the DNS server and update its own DNS record using DNS Dynamic Updates. This happens without supplying credentials, but it could be used to authenticate the machine, which could then modify or overwrite other DNS entries within your Active Directory Integrated DNS. That can be used to leverage other known exploits, which previously needed proper authentication to be used.