Golden dMSA: Critical Windows Server 2025 Flaw Enables Cross-Domain Persistence & Enterprise-Wide Exploits
A newly uncovered vulnerability in Windows Server 2025 is raising alarm across the cybersecurity community. Dubbed Golden dMSA, the flaw allows attackers to generate valid passwords for all Delegated Managed Service Accounts (dMSAs) and Group Managed Service Accounts (gMSAs)—opening the door to persistent, cross-domain access across an entire Active Directory (AD) forest.