MS14-068: Microsoft Active Directory Kerberos vulnerability

ITS Security Operations and Services has been made aware of a zero day exploit that affects Windows Active Directory servers and involves escalation of privilege through the Windows Kerberos service. Windows 2008 R2 and earlier versions are especially vulnerable to this exploit even though Sever 2012 and 2012R2 are also vulnerable. We recommend that anyone who has Windows Servers that have Active Directory server roles installed test and roll out this patch as soon as possible. MS14-068 is an out of band patch which was released yesterday, November the 18th, so would not be in the patch Tuesday cycle of released patches. Â Again, due to the severity of this vulnerability, we recommend you test and patch without delay.

You can locate more information about this patch in the links below:

https://isc.sans.edu/forums/diary/Microsoft+November+out-of-cycle+patch+MS14-068/18967
https://technet.microsoft.com/library/security/MS14-068
http://blogs.technet.com/b/srd/archive/2014/11/18/additional-information-about-cve-2014-6324.aspx

More information: MS14-068: Microsoft Active Directory Kerberos vulnerability

Story added 20. November 2014, content source with full text you can find at link above.

MS14-068: Microsoft Active Directory Kerberos vulnerability

More antivirus and malware news?

Ads

Security news

Malware

Security

IT security

About site

Search Terms Tips

Recent New Tips

Recent Posts