Windows security update blocks PetitPotam NTLM relay attacks
Using the PetitPotam vector, a threat actor can use the Windows LSARPC interface to communicate and execute MS-EFSRPC API functions for malicious purposes without authentication.
Using the PetitPotam vector, a threat actor can use the Windows LSARPC interface to communicate and execute MS-EFSRPC API functions for malicious purposes without authentication.
