JPCERT-AT-2014-0048
JPCERT/CC
2014-11-19
<<< JPCERT/CC Alert 2014-11-19 >>>
Vulnerability in Kerberos KDC, November 2014
https://www.jpcert.or.jp/english/at/2014/at140048.html
I. Overview
Microsoft has released an emergency security bulletin regarding a
vulnerability in the Kerberos KDC. An attacker leveraging this
vulnerability may escalate privileges from a domain user account
without administrative privileges to a domain administrator account.
It is recommended to apply the security update provided by Microsoft
as soon as possible.
For more details on this vulnerability, refer to the following URL:
MS14-068
Vulnerability in Kerberos Could Allow Elevation of Privilege (3011780)
https://technet.microsoft.com/en-us/library/security/ms14-068
According to Microsoft, this vulnerability is being leveraged in
targeted attacks.
II. Affected Systems
The following versions are affected by this vulnerability:
- Windows Server 2003
- Windows Server 2008
- Windows Server 2008 R2
- Windows Server 2012
- Windows Server 2012 R2
III. Solution
Apply the security update as soon as possible through Microsoft Update
or Windows Update.
Microsoft Update
http://www.update.microsoft.com/
Windows Update
http://windowsupdate.microsoft.com/
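To confirm that the update reached every domain controller, the following added example (not part of the original alert and not Microsoft's code) reports the patch status per DC. It assumes the RSAT ActiveDirectory module, remote WMI access to each DC, and that the update is listed under the KB number from the bulletin title, KB3011780.

```powershell
# Added example: report which domain controllers list KB3011780 (MS14-068).
# Assumptions: RSAT ActiveDirectory module is installed, the account running
# this can query installed updates remotely on each DC.
Import-Module ActiveDirectory

$kb = 'KB3011780'   # KB number taken from the MS14-068 bulletin title

$report = foreach ($dc in Get-ADDomainController -Filter *) {
    $status      = 'Missing'
    $installedOn = $null
    try {
        # List all installed updates and filter locally, so that
        # "not installed" stays distinguishable from "could not query the host".
        $hit = Get-HotFix -ComputerName $dc.HostName -ErrorAction Stop |
               Where-Object { $_.HotFixID -eq $kb }
        if ($hit) {
            $status      = 'Installed'
            $installedOn = ($hit | Select-Object -First 1).InstalledOn
        }
    }
    catch {
        # Host offline, firewall, or insufficient rights: patch state unknown.
        $status = 'Unreachable'
    }

    [pscustomobject]@{
        DomainController = $dc.HostName
        OperatingSystem  = $dc.OperatingSystem
        Status           = $status
        InstalledOn      = $installedOn
    }
}

$report | Sort-Object Status, DomainController | Format-Table -AutoSize

# Non-zero exit code when any DC is not confirmed patched (for scheduled checks).
if ($report | Where-Object { $_.Status -ne 'Installed' }) { exit 1 }
```

A status of Missing means only that the KB was not listed on that host, so check those domain controllers manually before treating them as unpatched or patched.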
For more information on how to detect attacks leveraging this
vulnerability, refer to the following URL:
Additional information about CVE-2014-6324
http://blogs.technet.com/b/srd/archive/2014/11/18/additional-information-about-cve-2014-6324.aspx
IV. References
Microsoft
Vulnerability in Kerberos Could Allow Elevation of Privilege (3011780)
https://technet.microsoft.com/en-us/library/security/ms14-068
Microsoft
Release of Security Bulletin MS14-068 "Vulnerability in Kerberos Could Allow Elevation of Privilege" (Japanese)
http://blogs.technet.com/b/jpsecurity/archive/2014/11/19/ms14-068-released.aspx
Microsoft
Additional information about CVE-2014-6324
http://blogs.technet.com/b/srd/archive/2014/11/18/additional-information-about-cve-2014-6324.aspx
If you have any information regarding this alert, please contact
JPCERT/CC.
======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: +81-3-3518-4600 FAX: +81-3-3518-4602
https://www.jpcert.or.jp/english/