Skip to main content

Network Location Awareness Service Security Feature Bypass Vulnerability

Last Update Date: 15 Jan 2015 Release Date: 14 Jan 2015 3889 Views

RISK: Medium Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

A security feature bypass vulnerability exists in the Network Location Awareness (NLA) service that could unintentionally relax the firewall policy and/or configuration of certain services. This could increase the surface exposed to an attacker. The vulnerability is caused when the NLA service fails to properly validate whether a domain-connected computer is connected to the domain or to an untrusted network. The update addresses the vulnerability by forcing mutual authentication via Kerberos.

Successful exploitation of this vulnerability requires that an attacker be connected to the same network as the victim’s computer, and that the attacker spoof responses to DNS and LDAP traffic initiated by the victim. The vulnerability could allow an attacker to apply a domain profile to a computer connected to an untrusted network. Client computers connected to untrusted networks are primarily at risk from this vulnerability.


Impact

  • Security Restriction Bypass

System / Technologies affected

  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7
  • Windows Server 2008 R2
  • Windows 8 and Windows 8.1
  • Windows Server 2012 and Windows Server 2012 R2

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link