Windows User Enumeration for Time Restricted Accounts

Sid released an advisory about an interesting username enumeration vulnerability over the weekend:

Username enumeration vulnerabilities are a classic mistake that vendors seem fated to repeat.  It’s surprising to see one in such a mature product, though.  Well spotted, Sid.

Tags: ,

Posted in Blog