Originally published at: https://www.cyberark.com/threat-research-blog/group-policies-going-rogue/
This blog –part of a year-long research project that uncovered 60 different vulnerabilities across major vendors – discusses a vulnerability in the Windows group policy object (GPO) mechanism. Focused specifically on the policy update step, this vulnerability permits a standard user in a domain environment to perform a file system attack that, in turn, would…