Microsoft Windows Improper Authentication Vulnerability

Summary

A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass.

Credit:

The information has been provided by Yaron Zinar 

The original article can be found at: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1166


Details

A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features.

Vulnerable Systems:

Microsoft Windows 

CVE Information:

CVE-2019-1166

Disclosure Timeline: