Kerberos Vulnerability Exposes Privilege Escalation in Windows

By Viral Mehta

Microsoft’s MS14-068 update fixes a vulnerability in Windows Kerberos implementations that allows attackers to elevate any domain user privileges to administrator privileges. Microsoft has warned that the exploit has been found in the wild deemed the patch “critical.” The company advises system administrators to immediately install it. 

If an attacker were to have valid domain credentials, he could exploit the vulnerability (CVE-2014-6324) to elevate his privileges and compromise any computer in the domain, including domain controllers. 

Read More

Topics: Business IT