
Yug0Rd

Researcher from Akamai
#28152 of 53,632
9 Total CVSS
Vulnerabilities · 1
PT-2025-32855
9.0
2025-08-12
Apple · Apple · CVE-2025-53779
**Name of the Vulnerable Software and Affected Versions**

Windows Kerberos versions prior to the August 2025 updates

**Description**

A relative path traversal issue in the Windows Kerberos protocol allows an authorized attacker to elevate privileges over a network. This can be achieved by abusing delegated Managed Service Accounts (`dMSA`), potentially granting the attacker full control over the corporate network, including domain administrator rights. This zero-day issue was actively exploited before the release of a security update.

**Recommendations**

Install the August 2025 updates. Review permissions on Organizational Units, containers, and `dMSA` objects. Restrict the creation and modification of `dMSA` and their migration link attributes to Tier 0 administrators.