Worklet: Remediation for CVE-2018-8581

  • 9 December 2020
  • 0 replies
  • 41 views

Userlevel 7

This is a remediation for CVE-2018-8581 per this article:

https://msrc.microsoft.com/update-guide/en-us/vulnerability/CVE-2018-8581


The workaround is to remove a specific registry entry, which this worklet does:


Evaluation code:


Exit 1

Remediation code:


reg delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa /v DisableLoopbackCheck /f

Note that the above code is the CMD syntax and not Powershell, but that should run fine. If you run into any problems you can convert the above line into Powershell pretty easily.


0 replies

Be the first to reply!

Reply