New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP

A new attack technique, Win-DDoS, exploits vulnerabilities in Windows LDAP client code to turn public domain controllers into a DDoS botnet. The attack, which doesn’t require code execution or credentials, can overwhelm victim servers and potentially crash domain controllers. Microsoft has patched four related vulnerabilities in Windows LDAP, LSASS, Netlogon, and Print Spooler Components.