Full title: Microsoft Windows Task Scheduler Security Feature Bypass Vulnerability 
Category: remote exploits
Platform: windows
Compass Security identified a security feature bypass vulnerability in Microsoft Windows. Due to the absence of integrity verification requirements for the RPC protocol and in particular the Task Scheduler, a man-in-the-middle attacker can relay his victim's NTLM authentication to a target of his choice over the RPC protocol. Provided the victim has administrative privileges on the target, the attacker can execute code on the remote target.

# 0day.today @ http://0day.today/