Microsoft Management Console Bugs Allow Windows Takeover

Microsoft Management Console Bugs Allow Windows Takeover

Share

Multiple cross-site scripting (XSS) bugs and an XML external entity (XXE) problem opens the door to takeover of admin desktops.

A Windows interface that allows system administrators to configure and monitor systems from an admin level has several vulnerabilities that would allow an attacker to install malicious payloads and even take over a target, privileged machine.

The bugs are grouped under one umbrella (CVE-2019-0948) and are found in the Microsoft Management Console (MMC), according to Check Point researchers Eran Vaknin and Alon Boxiner,

Read more here: threatpost.com



Show Buttons
Hide Buttons