authenticated attacker

About this tag
The term authenticated attacker appears in Microsoft security bulletins discussing vulnerabilities that require the attacker to have valid credentials on the target system. In the context of Windows Hyper-V, an authenticated attacker on a guest operating system could trigger remote code execution on the host by running a specially crafted application. Similarly, in Microsoft Dynamics AX, an authenticated attacker could cause a denial of service by submitting specially crafted data to an Application Object Server instance. These scenarios highlight that while authentication is a barrier, it does not eliminate risk, and organizations must apply security updates to mitigate such threats.
  1. News

    MS17-008 - Critical: Security Update for Windows Hyper-V (4013082) - Version: 1.0

    Severity Rating: Critical Revision Note: V1.0 (March 14, 2017): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an authenticated attacker on a guest operating system runs...
  2. News

    MS14-004 - Important : Vulnerability in Microsoft Dynamics AX Could Allow Denial of Service...

    Severity Rating: Important Revision Note: V1.0 (January 14, 2014): Bulletin published. Summary: This security update resolves one privately reported vulnerability in Microsoft Dynamics AX. The vulnerability could allow denial of service if an authenticated attacker submits specially crafted data...
Back
Top