Chrome Critical Patches and Microsoft Tiers
Posted on November 16, 2020 by David Rowe ‐ 1 min read
CVE-2020-16013 is a threat that can quickly escalate into major domain interruption. Without proper tiered segmentation on an Active Directory domain, the exploit contained in this CVE can quickly change into a full domain compromise.
For a brief overview of why privileged access management is critical to an environment, please see What is RedForest
CVE-2020-16013
Description
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to incorrect implementation in V8 in Google Chrome. A remote attacker can create a specially crafted web page, trick the victim into visiting it and compromise the system.
Note, the vulnerability is being actively exploited in the wild.
The key item to take note of here is the portion:
A remote attacker can create a specially crafted web page, trick the victim into visiting it and compromise the system.
Recommended steps for mitigating this threat
- Update of Chrome browsers on servers and workstations.
- Remove access to public web sites on Domain Controllers
- Remove cached credentials from all servers
- Minimize cached credentials on workstations