// #cve-2026-47288

2 articles

CVE-2026-47288 in the Windows Kerberos KDC is the most critical Active Directory vulnerability of 2026. Beyond patching, the Kerberos attack surface encompasses golden ticket attacks, AS-REP roasting, Kerberoasting, and credential relay. This article provides post-patch hardening guidance for enterprise AD environments.

Jun 12, 2026 #kerberos +8

🔑 IAM

Windows Kerberos KDC Remote Code Execution CVE-2026-47288 Puts Domain Controllers at Critical Risk

CVE-2026-47288 is a critical remote code execution vulnerability in the Windows Kerberos Key Distribution Centre that allows network-adjacent unauthenticated attackers to execute arbitrary code on Active Directory domain controllers. All supported Windows Server versions are affected. Domain controllers should be treated as the highest-priority patch target in the June 2026 update cycle.

Jun 9, 2026 #windows-server +8

Hardening Active Directory Against CVE-2026-47288 and the Kerberos Attack Surface

Windows Kerberos KDC Remote Code Execution CVE-2026-47288 Puts Domain Controllers at Critical Risk