GPP cPassword Attack
Last updated
Last updated
Group policies preferences allowed admins to create policies using embedded credentials.
These credentials were encrypted and placed in a "cPassword"
The key was accidentally released by Microsoft
Patched in MS14-025 but doesn't prevent previous uses.
The key was stored in SYSVOL
Any Domain User can read the policy