Impressum | Werbung

Geizhals » Forum » Security & Viren » Kerberos KDC - Microsoft Security Bulletin (Out-of-Band) Release (13 Beiträge, 361 Mal gelesen) Top-100 | Fresh-100

^ Forum  Security & Viren  #7383152 Kerberos KDC - Microsoft Security Bulletin (Out-of-Band) Release tridh 19.11.2014, 11:16:43 Haben wir gestern Abend bekommen. Today Microsoft released an out-of-band security update to address an issue affecting Microsoft Windows.   This security update resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability This security update is rated Critical for all supported editions of Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2. The update is also being provided on a defense-in-depth basis for all supported editions of Windows Vista, Windows 7, Windows 8, and Windows 8.1. Severity ratings do not apply for these operating systems because the vulnerability addressed in this bulletin is not present. This update provides additional defense-in-depth hardening that does not fix any known vulnerability. Note The update is available for Windows Technical Preview and Windows Server Technical Preview. Customers running these operating systems are encouraged to apply the update, which is available via Windows Update. In addition to the new security bulletin, Microsoft has revised security bulletin MS14-066. The revision addresses known issues that a small number of customers experienced with the new TLS cipher suites that were included in the original release. Customers running Windows Server 2008 R2 or Windows Server 2012 who installed the 2992611 update prior to the November 18 reoffering should reapply the update. See Microsoft Knowledge Base Article 2992611 for more information. 19.11.2014, 11:26 Uhr - Editiert von tridh, alte Version: hier   Re: Kerberos KDC - Microsoft Security Bulletin (Out-of-Band) Release  (nightmare11at am 19.11.2014, 12:17:28)   Re(2): Kerberos KDC - Microsoft Security Bulletin (Out-of-Band) Release  (tridh am 19.11.2014, 13:01:01)   Re(3): Kerberos KDC - Microsoft Security Bulletin (Out-of-Band) Release  (nightmare11at am 19.11.2014, 13:22:05)   Re(4): Kerberos KDC - Microsoft Security Bulletin (Out-of-Band) Release  (tridh am 19.11.2014, 13:22:58)   Re(5): Kerberos KDC - Microsoft Security Bulletin (Out-of-Band) Release  (nightmare11at am 19.11.2014, 17:07:11)   Re(6): Kerberos KDC - Microsoft Security Bulletin (Out-of-Band) Release  (tridh am 19.11.2014, 17:50:03)   Re(7): Kerberos KDC - Microsoft Security Bulletin (Out-of-Band) Release  (nightmare11at am 20.11.2014, 08:20:11)   Re(6): Kerberos KDC - Microsoft Security Bulletin (Out-of-Band) Release  (Ardjan am 19.11.2014, 21:03:34)   Re(7): Kerberos KDC - Microsoft Security Bulletin (Out-of-Band) Release  (Fly am 20.11.2014, 21:54:39)   Re(3): Kerberos KDC - Microsoft Security Bulletin (Out-of-Band) Release  (Fly am 20.11.2014, 21:55:39)

 

Dieses Forum ist eine frei zugängliche Diskussionsplattform.
Der Betreiber übernimmt keine Verantwortung für den Inhalt der Beiträge und behält sich das Recht vor, Beiträge mit rechtswidrigem oder anstößigem Inhalt zu löschen.
Datenschutzerklärung