Vulnerability in Active Directory may allow attackers to gain control of Windows Domain Controllers

Retrieved from techcommunity.microsoft.com

Shortly after the release of a proof-of-concept (PoC) tool on December 12, Microsoft is advising users to update two security flaws in Active Directory domain controllers that it addressed in November.

The two flaws labeled CVE-2021–42278 and CVE-2021–42287, have a severity level of 7.5 out of ten…