Semperis, a provider of AI-powered identity security and cyber resilience, today released new research detailing Golden dMSA, a critical design flaw active in delegated Managed Service Accounts ...

Some versions ago we got Managed Service Accounts, which did use long random password, that were rotated automatically by AD but could only be used on one server. This was followed by Group Managed ...

Exploit Brief In short, Delegated Managed Service Accounts (dMSA) were introduced in Windows Server 2025 to replace service accounts to minimize exposure to Kerberoasting. The exploit is focused ...

According to the article, an attack abuses a function called “delegated Managed Service Account” (dMSA), which Microsoft introduced with Windows Server 2025.

With all the improvements Microsoft has made in Windows and Windows Server, it’s time to evaluate whether your security settings are as effective as they could be.

Windows Server 2025 Security features PDF download Windows Server 2025 is designed to help IT administrators better understand different layers of protection embedded in Windows Server.

"Golden dMSA exposes a critical design flaw that could let attackers generate service account passwords and persist undetected in Active Directory environments," said Malyanker.