Microsoft Has Confirmed That ShadowCoerce Vulnerability Was Fixed
Microsoft has confirmed that the ShadowCoerce Windows NTLM relay vulnerability has been fixed. According to Microsoft's spokesperson, "the MS-FSRVP coercion abuse PoC aka 'ShadowCoerce' was mitigated with CVE-2022-30154, which affected the same component." Microsoft hasn't provided any details of the vulnerability and hasn't assigned its ID. Read more...