Re: Time
I'm confused here.
Based on my reading, the vulnerability is with the domain controller exclusively. Now, I get that there may be no-longer supported servers, but that'd be for 2008 or older... which is pretty old.
There appears to be no patches for client OSs listed in the Microsoft CVE. So, who is hanging domain controllers off the internet?
Well, the only acceptable instance that I know of is kdcproxy.... which does have me wondering if that is at risk. The CVE doesn't mention it.