SANS ISC InfoSec Handlers Diary Blog

Microsoft re-release of KB973811 - attacks on Extended Protection for Authentication

Published: 2010-03-10
Last Updated: 2010-03-11 22:38:01 UTC
by Rob VandenBrink (Version: 1)

Yesterday Microsoft re-released KB973811 ==>

This relates back to the original KB973917 ==>

and advisory MS09-071 ==>

This affects the Extended Protection for Authentication functions within XP, Vista and Server 2003 ==>

It didn't show up in yesterday's Patch Tuesday review because Microsoft is classifying it as a "non-security upgrade". This is confusing to me, because the update actually includes mitigation against a credential forwarding attack, which you might see on an unencrypted, unsigned connection (yes, there's still a lot of that going around!).

This update affects XP, Vista and Server 2003.  Windows 7 and Server 2008 R2 are not affected.

Thanks to our readers for letting us know about this one. I'm still puzzled as to why this wasn't on Microsoft's list of security updates ...

=============== Rob VandenBrink Metafore ===============
