Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Windows flaw allows access to data after accounts are revoked

Windows flaw allows access to data after accounts are revoked

2014/05/06

Help Net Security - (International) Researchers at Aorato found that disabled, deleted, expired, or locked-out accounts in Microsoft Windows networks can remain valid for up to 10 hours after being revoked, potentially allowing attackers to use the accounts to gain access to company data.

Source: http://www.net-security.org/secworld.php?id=16805

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:20:09