Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Microsoft fixes critical Kerberos flaw under attack with out-of-band patch

Microsoft fixes critical Kerberos flaw under attack with out-of-band patch

2014/11/18

Securityweek - (International) Microsoft released an out-of-band patch November 18 to close a vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to domain administrator privileges. The vulnerability has been exploited in limited, targeted attacks and users were advised to apply the patch as soon as possible due to the critical nature of the vulnerability.

Source: http://www.securityweek.com/microsoft-fixes-critical-kerberos-flaw-under-attack-out-band-patch

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:22:31