1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

MS14-068 - Critical: Vulnerability in Kerberos Could Allow Elevation of Privilege (3011780) -...

Discussion in 'Security Updates' started by Microsoft Security, Nov 18, 2014.

  1. Microsoft Security

    Microsoft Security Guest

    Severity Rating: Critical
    Revision Note: V1.0 (November 18, 2014): Bulletin published
    Summary: This security update resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability.

    View the full article
     
    Microsoft Security, Nov 18, 2014
    #1

Share This Page