Windows Credential Guard Insufficient Checks On Kerberos Encryption Type Use

Windows CG APIs, which take encrypted keys, do not limit what encryption or checksum types can be used with those keys. This can result in using weak encryption algorithms which could be abused to either generate keystreams or brute force encryption keys.


SHA-256 | a89b74c0dc18c8ac3c1161dc1b3af00aa0758ae52080749f23434cc90472d8b2


Related Posts