Category: Microsoft

Your Session Key is My Session Key: How to Retrieve the Session Key for Any Authentication

As announced in our recent security advisory, Preempt researchers discovered a critical vulnerability which allows attackers to retrieve the session...
Read Now

Security Advisory: Critical Vulnerabilities in NTLM Allow Remote Code Execution and Cloud Resources Compromise

On June 2019 Patch Tuesday, Microsoft released patches for CVE-2019-1040 and CVE-2019-1019, two vulnerabilities discovered by Preempt researchers. The critical...
Read Now

New Microsoft Exchange Vulnerability Exposes Domain Admin Privileges: Here’s What to Do

Last week, the CERT Coordination Center (CERT/CC) issued a vulnerability note warning versions of Microsoft Exchange 2013 and newer are...
Read Now

One Organization’s Dilemma: Adding Security for Cloud Apps With Less User Disruption

Late last year, we began conversations with the Tuck School of Business at Dartmouth College about their current security concerns. Like...
Read Now

From Public Key to Exploitation: How We Exploited the Authentication in MS-RDP

 In March Patch Tuesday, Microsoft released a patch for CVE-2018-0886, a critical vulnerability that was discovered by Preempt. This vulnerability...
Read Now