Overview

• Group Policy Preferences (GPP) allowed admins to create policies using embedded credentials
• These credentials were encrypted and placed in a cPassword
• The key was accidentally released
• Patched in MS14-025, but it doesn’t prevent previous uses
• It is a very old vulnerability (10+ years)
• STILL RELEVENT ON PENTESTS

Mitigation Strategies

• Patch, fixed in KB2962486
• Delete the old GPP xml files stored in the SYSVOL