Microsoft Releases Emergency Out-of-Band Patch for Kerberos Bug MS14-068
Microsoft today released an "out-of-band" security updates to fix a critical vulnerability in all supported versions of its Windows Server software that cyber criminals are exploiting to compromise whole networks of computers.

The Emergency patch release comes just one week after Microsoft provided its monthly security patch updates. The November 2014 Patch Tuesday updates included 16 security patches, five of which were rated by Redmond as "critical."

The security update (MS14-068) addresses a vulnerability in the Windows component called Microsoft Windows Kerberos KBC, authentication system used by default in the operating system. The flaw allows an attacker to elevate domain user account privileges and access rights to that of a domain administrator account.

As a result, if users unknowingly or accidentally run a malicious software on their system, it could therefore be used to compromise the entire network, which could be more dangerous for those who are handling intranets.
"The attacker can impersonate any domain accounts, add themselves to any group, install programs, view\change\delete data, or create any new accounts they wish," Chris Goettl of IT management firm Shavlik told The Hacker News in an email. "This could allow the attacker to then compromise any computer in the domain, including domain controllers."
The problem poses a severe threat to organisations and is only rated critical for Windows Server systems. While client systems would not be considered a target for an attack, so Windows home users are not likely to be affected by the flaw.

According to Microsoft, the vulnerable component is present in all supported versions of Windows, from Windows Vista to Windows 8.1, and from Windows Server 2003 to Server 2012 R2.

The company has made the emergency patch available for users and urged Windows users to install the update as quickly as possible, noting that hackers already are exploiting the weaknesses to launch targeted attacks.

The software giant said it had received warnings of "limited, targeted attacks" exploiting the vulnerability. The company credited "the Qualcomm Information Security & Risk Management team" for reporting the vulnerability, with special recognition for Qualcomm cyber security engineer Tom Maddock for his help.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.