Outdated Algorithms Pave the Way to Global Digital Catastrophe

Researchers at Tel Aviv University have discovered serious vulnerabilities in modern operating systems related to the implementation of the Kerberos protocol. Despite years of security improvements, the old cryptographic algorithms used in Kerberos remain vulnerable to attacks, putting corporate networks around the world at risk.

The main threat comes from the use of the legacy PKCS #1 v1.5 scheme in RSA encryption, which is present in the implementation of smart card-based authentication. Researchers have shown that this configuration makes systems vulnerable to Bleichenbacher-type attacks, allowing attackers to obtain cryptographic session tokens, including user and administrator passwords.

In addition, the study found that smart cards, despite their widespread use in modern operating systems, do not provide forward secrecy, which also makes them susceptible to attacks. Using microarchitectural side-channel attacks, the researchers were able to gain access to encrypted data transmitted on the network, even with modern versions of Windows and Linux.

The problem is exacerbated by the fact that current versions of operating systems, including Windows 10 and Windows 11, do not have global limits on the number of initiated sessions, allowing hackers to accelerate attacks without being detected. For example, using a dedicated website, attackers can initiate multiple sessions using vulnerable configurations and gain access to sensitive data without the user's knowledge.

While Microsoft is already working to fix these vulnerabilities, most users remain at risk. It is important that corporate network administrators take steps to improve the security of their systems, such as disabling vulnerable configurations and using more modern cryptographic techniques.

These findings demonstrate how dangerous it can be to use outdated cryptographic solutions in modern systems. It is important to continue researching and improving the security of protocols, especially those that are widely used to protect corporate data.
