• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Grab Microsoft's Out-of-Cycle Kerberos Patch

November 20, 2014 By Corey Nachreiner

During last week’s Microsoft Patch Day, I pointed out that Microsoft had delayed two of the expected bulletins. This week, they released one of those delayed updates, and rate it as a Critical issue.

According to the MS14-068 Security Bulletin, Kerberos suffers from a local privilege elevation flaw that could allow attackers to gain full control of your entire domain. Kerberos is one of the authentication protocols used by Windows Servers. Kerberos Key Distribution Center (KDC) is the network service that supplies kerberos “tickets.” Unfortunately, Windows Servers suffers from a KDC vulnerability that allows local users to gain full domain administrator privileges simply by sending maliciously forged tickets to your KDC server. The good news is, an attacker needs valid domain login credentials, and local network access to leverage this flaw. The bad news is, if they can exploit the flaw, they basically gain access to ALL your Windows machines easily. This is a great flaw for advanced attackers. If they can pwn even one of your least privileged users, they can leverage it to gain full control of Windows networks, and easily move laterally throughout your network. I consider this a pretty serious issue.

I recommend you patch your Windows Servers, especially your Active Directory controller, as soon as possible. Check out the Affected Software section of Microsoft’s bulletin for patch details. Though I recommend you update quickly, your Authentication server is a critical network component. I highly recommend you test this update on a non-production server first, to make sure it doesn’t cause and unexpected problems. — Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Security Bytes Tagged With: Kerberos, Microsoft, Server, Updates and patches

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Scratching the Surface of Rhysida Ransomware
  • An Interview with ChatGPT
  • TikTok is Banned, Kind Of
  • Naming APTs

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • How Not to Update Software
  • Naming APTs
  • TikTok is Banned, Kind Of
  • Scratching the Surface of Rhysida Ransomware
  • An Interview with ChatGPT
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use