Summary
Microsoft patched a privilege escalation vulnerability (CVE-2026-26119) in Windows Admin Center that allows low-privileged users to impersonate administrators. This flaw enables remote command execution and lateral movement across enterprise networks, including Active Directory and Azure environments.
Take Action:
If you use Windows Admin Center, apply the February 17 security update immediately — this flaw can let an attacker with minimal access take over your entire domain. While you're at it, review who has access to your Admin Center and restrict it to only those who truly need it.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)