New Attack Exploits dMSA in Windows Server 2025 to Compromise Any Active Directory Users
Posted: Fri May 23, 2025 4:29 am
A critical vulnerability in Windows Server 2025 that enables attackers to compromise any user in Active Directory, including highly privileged accounts.
Dubbed “BadSuccessor,” this attack exploits a feature called delegated Managed Service Accounts (dMSA) and works by default in environments with at least one Windows Server 2025 domain controller.
https://cybersecuritynews.com/attack-ex ... rver-2025/
Dubbed “BadSuccessor,” this attack exploits a feature called delegated Managed Service Accounts (dMSA) and works by default in environments with at least one Windows Server 2025 domain controller.
https://cybersecuritynews.com/attack-ex ... rver-2025/