Third-Party Patches Available for More PetitPotam Attack Vectors
Disclosed in late July, PetitPotam is a remote code execution vulnerability (CVE-2021-36942) that abuses the Encrypting File System Remote (MS-EFSRPC) protocol. An attacker exploiting the bug could get a targeted server to connect to an attacker-controlled server and perform NTLM authentication. The attacker could then use other exploits to take complete control of a Windows…