The attack against Group Managed Service Accounts (gMSA) can allow attackers to dump Key Distribution Service (KDS) root key attributes and generate the password for all the associated gMSAs offline.