CVE-2019-1040

Name of the Vulnerable Software and Affected Versions Microsoft Windows (affected versions not specified)

Description A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. This vulnerability allows attackers to affect the system. The issue is related to the NTLM MIC protection mechanism, which can be exploited by a remote attacker to downgrade the security features of the NTLM mechanism. The vulnerability can be used to relay NetNTLMv1 authentication to LDAP, and it has been exploited in real-world attacks, including the RBCD attack.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.