Active Directory forest yapısında tespit edilen CVE-2019-0683 Windows server güvenlik açığı kapsamında güvenlik güncellemesi yayınladı. Kimliği doğrulanmayan, kötü niyetli kullanıcının hedeflenen bir sistemdeki yapılandırmaları değiştirmesine izin verebilir.

Güvenlik açığı, varsayılan olmayan bir ayar nedeniyle ortaya çıktığı söyleniyor.  AD forest yapısındaki trust ilişkisini kullanan bir saldırgan, bu güvenlik açığını kullanarak trust ilişkisi olan forest yapısında bir kimlik için bilet veren TGT delegasyonun yapısının talep etme ayarının izin verdiği ve standart işlemleri kullanarak bu zafiyeti kullanabileceği tespit edilmiştir. Zafiyetten yararlanan, kötü niyetli kullanıcının bir kullanıcı kimliğini taklit etmesine izin verebilir ve işlem yapmasına uzaktan kod çalıştırmasına sebebiyet verebilir. Microsoft bu güvenlik açığı için aşağıdaki güncelleme paketlerini yayınlamıştır.

Windows Server 2019 ve eski sürümlerini kapsayan bu güvenlik zafiyeti alt sürümleri ve client işletim sistemlerini de etkilemektedir. 

Windows 10 for 32-bit Systems
4507458 Security Update Elevation of Privilege Important
4503291
Windows 10 for x64-based Systems
4507458 Security Update Elevation of Privilege Important
4503291
Windows 10 Version 1607 for 32-bit Systems
4507460 Security Update Elevation of Privilege Important
4503267
Windows 10 Version 1607 for x64-based Systems
4507460 Security Update Elevation of Privilege Important
4503267
Windows 10 Version 1703 for 32-bit Systems
4507450 Security Update Elevation of Privilege Important
4503279
Windows 10 Version 1703 for x64-based Systems
4507450 Security Update Elevation of Privilege Important
4503279
Windows 10 Version 1709 for 32-bit Systems
4507455 Security Update Elevation of Privilege Important
4503284
Windows 10 Version 1709 for 64-based Systems
4507455 Security Update Elevation of Privilege Important
4503284
Windows 10 Version 1709 for ARM64-based Systems
4507455 Security Update Elevation of Privilege Important
4503284
Windows 10 Version 1803 for 32-bit Systems
4507435 Security Update Elevation of Privilege Important
4503286
Windows 10 Version 1803 for ARM64-based Systems
4507435 Security Update Elevation of Privilege Important
4503286
Windows 10 Version 1803 for x64-based Systems
4507435 Security Update Elevation of Privilege Important
4503286
Windows 10 Version 1809 for 32-bit Systems
4507469 Security Update Elevation of Privilege Important
4503327
Windows 10 Version 1809 for ARM64-based Systems
4507469 Security Update Elevation of Privilege Important
4503327
Windows 10 Version 1809 for x64-based Systems
4507469 Security Update Elevation of Privilege Important
4503327
Windows 10 Version 1903 for 32-bit Systems
4507453 Security Update Elevation of Privilege Important
4503293
Windows 10 Version 1903 for ARM64-based Systems
4507453 Security Update Elevation of Privilege Important
4503293
Windows 10 Version 1903 for x64-based Systems
4507453 Security Update Elevation of Privilege Important
4503293
Windows 7 for 32-bit Systems Service Pack 1
4507449 Monthly Rollup Elevation of Privilege Important
4503292
4507456 Security Only
Windows 7 for x64-based Systems Service Pack 1
4507449 Monthly Rollup Elevation of Privilege Important
4503292
4507456 Security Only
Windows 8.1 for 32-bit systems
4507448 Monthly Rollup Elevation of Privilege Important
4503276
4507457 Security Only
Windows 8.1 for x64-based systems
4507448 Monthly Rollup Elevation of Privilege Important
4503276
4507457 Security Only
Windows RT 8.1
4507448 Monthly Rollup  Elevation of Privilege Important
4503276
Windows Server 2008 for 32-bit Systems Service Pack 2
4507452 Monthly Rollup Elevation of Privilege Important
4503273
4507461 Security Only
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
4507452 Monthly Rollup Elevation of Privilege Important
4503273
4507461 Security Only
Windows Server 2008 for Itanium-Based Systems Service Pack 2
4507452 Monthly Rollup Elevation of Privilege Important
4503273
4507461 Security Only
Windows Server 2008 for x64-based Systems Service Pack 2
4507452 Monthly Rollup Elevation of Privilege Important
4503273
4507461 Security Only
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
4507452 Monthly Rollup Elevation of Privilege Important
4503273
4507461 Security Only
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
4507449 Monthly Rollup Elevation of Privilege Important
4503292
4507456 Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1
4507449 Monthly Rollup Elevation of Privilege Important
4503292
4507456 Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
4507449 Monthly Rollup Elevation of Privilege Important
4503292
4507456 Security Only
Windows Server 2012
4507462 Monthly Rollup Elevation of Privilege Important
4503285
4507464 Security Only
Windows Server 2012 (Server Core installation)
4507462 Monthly Rollup Elevation of Privilege Important
4503285
4507464 Security Only
Windows Server 2012 R2
4507448 Monthly Rollup Elevation of Privilege Important
4503276
4507457 Security Only
Windows Server 2012 R2 (Server Core installation)
4507448 Monthly Rollup Elevation of Privilege Important
4503276
4507457 Security Only
Windows Server 2016
4507460 Security Update Elevation of Privilege Important
4503267
Windows Server 2016 (Server Core installation)
4507460 Security Update Elevation of Privilege Important
4503267
Windows Server 2019
4507469 Security Update Elevation of Privilege Important
4503327
Windows Server 2019 (Server Core installation)
4507469 Security Update Elevation of Privilege Important
4503327
Windows Server, version 1803 (Server Core Installation)
4507435 Security Update Elevation of Privilege Important
4503286
Windows Server, version 1903 (Server Core installation)
4507453 Security Update Elevation of Privilege Important
4503293