Yet Another Microsoft Windows CVE: Local Privilege Escalation MS14-068

Want to help support this blog? Try out Oh Dear, the best all-in-one monitoring tool for your entire website, co-founded by me (the guy that wrote this blogpost). Start with a 10-day trial, no strings attached.

We offer uptime monitoring, SSL checks, broken links checking, performance & cronjob monitoring, branded status pages & so much more. Try us out today!

Profile image of Mattias Geniar

Mattias Geniar, November 19, 2014

Follow me on Twitter as @mattiasgeniar

As if the SSL/TLS vulnerability dubbed MS14-066 last week wasn’t enough, today Microsoft announced an out-of-band patch for a critical Privilege Escalation bug in all Windows Server systems. This time, Kerberos gets patched.

A remote elevation of privilege vulnerability exists in implementations of Kerberos KDC in Microsoft Windows. The vulnerability exists when the Microsoft Kerberos KDC implementations fail to properly validate signatures, which can allow for certain aspects of a Kerberos service ticket to be forged. Microsoft received information about this vulnerability through coordinated vulnerability disclosure. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability. Note that the known attacks did not affect systems running Windows Server 2012 or Windows Server 2012 R2. The update addresses the vulnerability by correcting signature verification behavior in Windows implementations of Kerberos.

Microsoft Security Bulletin MS14-068

On the plus-side, it only applies to servers in an Active Directory domain. Standalone Windows Servers shouldn’t be vulnerable to this. But there’s plenty of Domain-controlled Windows servers that do need urgent patching.



Want to subscribe to the cron.weekly newsletter?

I write a weekly-ish newsletter on Linux, open source & webdevelopment called cron.weekly.

It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.

No spam. Just some good, practical Linux & open source content.