MS14-068: Microsoft Active Directory Kerberos vulnerability
ITS Security Operations and Services has been made aware of a zero day exploit that affects Windows Active Directory servers and involves escalation of privilege through the Windows Kerberos service. Windows 2008 R2 and earlier versions are especially vulnerable to this exploit even though Sever 2012 and 2012R2 are also vulnerable. We recommend that anyone who has Windows Servers that have Active Directory server roles installed test and roll out this patch as soon as possible. MS14-068 is an out of band patch which was released yesterday, November the 18th, so would not be in the patch Tuesday cycle of released patches. Â Again, due to the severity of this vulnerability, we recommend you test and patch without delay.
You can locate more information about this patch in the links below: