Microsoft patches Kerberos vulnerability with emergency update

Microsoft released an out-of-band patch on Tuesday, addressing a vulnerability in Kerberos KDC, a component that handles authentication on local networks.

The patch was supposed to have been released earlier this month, but Microsoft withheld it due to QA concerns. However, Redmond says the flaw is being used in attacks online, so organizations are urged to update immediately.

“The attacker could forge a Kerberos Ticket and send that to the Kerberos KDC which claims the user is a domain administrator. From there the attacker can impersonate any domain accounts, add themselves to any group, install programs, view\change\delete data, or create any new accounts they wish. This could allow the attacker to then compromise any computer in the domain, including domain controllers,” explained Chris Goettl, product manager with Shavlik.

Story added 19 November 2014.