Network Location Awareness Service Security Feature Bypass Vulnerability
RISK: Medium Risk
TYPE: Operating Systems - Windows OS
A security feature bypass vulnerability exists in the Network Location Awareness (NLA) service that could unintentionally relax the firewall policy and/or the configuration of certain services, increasing the surface exposed to an attacker. NLA decides which network profile (Domain, Private or Public) applies to a connection, and Windows Firewall selects its rule set from that profile. The vulnerability is caused when the NLA service fails to properly validate whether a domain-joined computer is actually connected to its domain or to an untrusted network, because the decision relied on DNS and LDAP responses that were not authenticated. The update addresses the vulnerability by forcing mutual authentication via Kerberos before the domain profile is applied.
Successful exploitation requires that an attacker be connected to the same network as the victim's computer and spoof the responses to DNS and LDAP traffic initiated by the victim. The attacker could thereby cause the domain profile, which is usually the most permissive of the three, to be applied to a computer connected to an untrusted network, for example a public hotspot. Domain-joined client computers that connect to untrusted networks are primarily at risk from this vulnerability.
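The following PowerShell script is an added example, not part of the advisory and not Microsoft tooling. It checks an endpoint for the condition described above: it records which profile NLA selected for each interface, independently verifies the machine account's secure channel to the domain (a DNS/LDAP spoofer cannot satisfy that without the machine account password), and lists the enabled inbound allow rules that are scoped to the Domain profile only, since those are exactly what an attacker gains by forcing the domain profile onto an untrusted network. It assumes Windows 8 / Server 2012 or later (for the NetConnection and NetSecurity modules), an elevated session on a domain-joined host, and, if you want the patch check, that you pass the article ID of the MS15-005 package for your OS as taken from the bulletin; that ID is not hard-coded here.

```powershell
<#
Added example: not part of the MS15-005 advisory or of any Microsoft tooling.
Compares what NLA decided with what the host can actually prove, and lists the
inbound firewall exposure that a forced Domain profile would hand to an attacker
on an untrusted network.

Assumptions (not stated on the advisory page):
 - Windows 8 / Server 2012 or later, so Get-NetConnectionProfile and the
   NetSecurity cmdlets exist.
 - Run in an elevated PowerShell session on a domain-joined machine.
 - $UpdateKb, if supplied, is the article ID of the MS15-005 package for this
   OS, taken from the bulletin page.
#>
param(
    [string]$UpdateKb
)

function Get-NlaProfileAudit {
    # 1. What NLA concluded for each connected interface.
    $profiles = Get-NetConnectionProfile |
        Select-Object InterfaceAlias, Name, NetworkCategory

    # 2. Independent evidence: can the machine account authenticate to a DC right
    #    now? The secure-channel handshake cannot be completed by an attacker who
    #    only spoofs DNS and LDAP answers, so this does not inherit NLA's mistake.
    try {
        $secureChannelOk = Test-ComputerSecureChannel -ErrorAction Stop
    } catch {
        $secureChannelOk = $false
    }

    # 3. Per-profile firewall posture; a disabled or permissive Domain profile is
    #    what the attacker inherits once the Domain profile is misapplied.
    $fwProfiles = Get-NetFirewallProfile |
        Select-Object Name, Enabled, DefaultInboundAction

    # 4. Exposure delta: enabled inbound allow rules scoped to Domain but not to
    #    Public or Any become reachable from the untrusted network.
    $domainOnlyInbound = Get-NetFirewallRule -Enabled True -Direction Inbound -Action Allow |
        Where-Object {
            $p = "$($_.Profile)"          # e.g. "Domain", "Domain, Private", "Any"
            $p -match 'Domain' -and $p -notmatch 'Public|Any'
        } |
        Select-Object DisplayName, Profile

    $domainApplied = [bool]($profiles | Where-Object NetworkCategory -eq 'DomainAuthenticated')

    $verdict = if ($domainApplied -and -not $secureChannelOk) {
        'SUSPECT: Domain profile applied but the secure channel to the domain cannot be verified'
    } elseif ($domainApplied) {
        'OK: Domain profile applied and secure channel verified'
    } else {
        'OK: no interface is using the Domain profile'
    }

    [pscustomobject]@{
        ConnectionProfiles     = $profiles
        DomainProfileApplied   = $domainApplied
        SecureChannelVerified  = $secureChannelOk
        FirewallProfiles       = $fwProfiles
        DomainOnlyInboundRules = $domainOnlyInbound
        Verdict                = $verdict
    }
}

function Test-UpdateInstalled {
    param([Parameter(Mandatory)][string]$Kb)
    # Get-HotFix only sees packages registered through Windows Update / WUSA.
    [bool](Get-HotFix -Id $Kb -ErrorAction SilentlyContinue)
}

$audit = Get-NlaProfileAudit
$audit.Verdict
$audit.ConnectionProfiles | Format-Table -AutoSize
$audit.FirewallProfiles   | Format-Table -AutoSize
"Inbound allow rules exposed only under the Domain profile: $($audit.DomainOnlyInboundRules.Count)"
$audit.DomainOnlyInboundRules | Format-Table -AutoSize

if ($UpdateKb) {
    "Update $UpdateKb installed: $(Test-UpdateInstalled -Kb $UpdateKb)"
}
```

A SUSPECT verdict on a laptop sitting on a public network is the exact symptom the advisory describes; the list of Domain-only inbound rules tells you what that misclassification exposes, and is worth reviewing even on patched hosts, since the Domain profile should not be carrying listeners that have no business being reachable anywhere but the corporate network.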
Impact
- Security Restriction Bypass
System / Technologies affected
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
- Windows Server 2008 R2
- Windows 8 and Windows 8.1
- Windows Server 2012 and Windows Server 2012 R2
Solutions
Before installing the update, consult the vendor's web site for details on the package that applies to your operating system.
- Download location for patches:
https://technet.microsoft.com/en-us/library/security/MS15-005