This is a high-severity vulnerability: when a user logs into a Windows domain with a non-domain user account, they may be vulnerable to remote code execution because the non-domain user account has elevated privileges. Non-domain user accounts are generally created by system administrators and are intended for non-privileged users, such as contractors and users who need to access resources that are not accessible to other administrators. System administrators should be aware of the risk associated with non-domain user accounts and be sure to assign these accounts a minimum level of privilege. In addition, users should be careful when creating non-domain user accounts.

Affected Software

This vulnerability affects the following Microsoft products:
Microsoft Windows 10
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016

Steps to Take to Protect Yourself From This Vulnerability

System administrators can take steps to protect themselves from this vulnerability by updating their systems with the latest security patches, implementing secure account policies for non-domain user accounts, and periodically reviewing and updating their account privileges for all users.
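
One way to carry out the periodic privilege review described above is to list every local (non-domain) account with the privileged built-in groups it belongs to. This is an added example, not part of the original advisory; the choice of groups, the 90-day threshold and the NeedsReview rule are assumptions to adapt to local policy.

```powershell
# Added example: audit local (non-domain) accounts and their membership in
# privileged built-in groups. Uses the Microsoft.PowerShell.LocalAccounts
# cmdlets (PowerShell 5.1; on Server 2012 R2 this requires WMF 5.1).
#Requires -Version 5.1

# Well-known SIDs of built-in groups treated as privileged (assumed selection).
$PrivilegedGroupSids = @(
    'S-1-5-32-544',  # Administrators
    'S-1-5-32-551',  # Backup Operators
    'S-1-5-32-555',  # Remote Desktop Users
    'S-1-5-32-580'   # Remote Management Users
)
$StaleAfterDays = 90   # assumed review threshold

# Map: account SID -> names of privileged groups the account is in.
$membership = @{}
foreach ($sid in $PrivilegedGroupSids) {
    $group = Get-LocalGroup -SID $sid -ErrorAction SilentlyContinue
    if (-not $group) { continue }
    try {
        # Can throw when the group holds orphaned SIDs; report and move on.
        $members = Get-LocalGroupMember -Group $group -ErrorAction Stop
    } catch {
        Write-Warning "Could not enumerate '$($group.Name)': $($_.Exception.Message)"
        continue
    }
    # Keep only members defined on this machine, not domain principals.
    foreach ($m in $members | Where-Object { $_.PrincipalSource -eq 'Local' }) {
        $key = $m.SID.Value
        if (-not $membership.ContainsKey($key)) { $membership[$key] = @() }
        $membership[$key] += $group.Name
    }
}

$cutoff = (Get-Date).AddDays(-$StaleAfterDays)
Get-LocalUser | ForEach-Object {
    $groups = $membership[$_.SID.Value]
    [pscustomobject]@{
        Account          = $_.Name
        Enabled          = $_.Enabled
        PrivilegedGroups = ($groups -join ', ')
        LastLogon        = $_.LastLogon
        PasswordLastSet  = $_.PasswordLastSet
        # Flag enabled accounts that are privileged, never used, or stale.
        NeedsReview      = [bool]($_.Enabled -and ($groups -or -not $_.LastLogon -or $_.LastLogon -lt $cutoff))
    }
} | Sort-Object NeedsReview -Descending | Format-Table -AutoSize
```

Run it from an elevated session on each host; accounts flagged NeedsReview are candidates for removal from the listed groups or for disabling.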

Vulnerability Details

This vulnerability arises when a user logs into a Windows domain with a non-domain user account: they may be vulnerable to remote code execution. To exploit this vulnerability, an attacker would first need to obtain the credentials of a user who has been granted the privilege to access resources on the system.

Timeline

Published on: 03/09/2022 17:15:00 UTC
Last modified on: 05/23/2022 17:29:00 UTC

References