• Article for your preferred language does not exist. Below is international version of the article.

Article ID: 123610, created on Nov 19, 2014, last review on Nov 19, 2014

  • Applies to:
  • Operations Automation
  • Business Automation

Information

Microsoft has revealed a vulnerability in Microsoft Windows Kerberos KDC. It affects all modern versions of Windows, including Windows Server 2003/2008/2012, Vista, 7, 8, 8.1.

Please refer to Microsoft TechNet article for details:

Vulnerability in Kerberos Could Allow Elevation of Privilege (3011780)

Impact

Microsoft has revealed a vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When the security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability.

This security update is rated Critical for all supported editions of Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2.

Resolution

  1. To close the vulnerability on Windows-based service nodes (including POA and PBA management nodes) install the security patch from Windows Update. In case no updates are available, check if required Service Pack is installed. Update your box, if it is not, using instructions provided in "Can Service Pack be installed on POA Management node?" article.

  2. If the service node is a Parallels Virtuozzo Containers hardware node, please proceed with the instructions from the corresponding article.

Search Words

MS14-068

MS14-068 - Vulnerability in Kerberos Could Allow Elevation of Privilege

198398b282069eaf2d94a6af87dcb3ff caea8340e2d186a540518d08602aa065 e12cea1d47a3125d335d68e6d4e15e07 5356b422f65bdad1c3e9edca5d74a1ae

Email subscription for changes to this article
Save as PDF