The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: Hacking Windows Server

Microsoft Releases Emergency Out-of-Band Patch for Kerberos Bug MS14-068

Microsoft Releases Emergency Out-of-Band Patch for Kerberos Bug MS14-068

November 18, 2014Swati Khandelwal
Microsoft today released an " out-of-band " security updates to fix a critical vulnerability in all supported versions of its Windows Server software that cyber criminals are exploiting to compromise whole networks of computers. The Emergency patch release comes just one week after Microsoft provided its monthly security patch updates. The November 2014 Patch Tuesday updates included 16 security patches, five of which were rated by Redmond as "critical." The security update (MS14-068) addresses a vulnerability in the Windows component called Microsoft Windows Kerberos KBC , authentication system used by default in the operating system. The flaw allows an attacker to elevate domain user account privileges and access rights to that of a domain administrator account. As a result, if users unknowingly or accidentally run a malicious software on their system, it could therefore be used to compromise the entire network, which could be more dangerous for those who
Microsoft Patches 3 Zero-day Vulnerabilities actively being Exploited in the Wild

Microsoft Patches 3 Zero-day Vulnerabilities actively being Exploited in the Wild

October 15, 2014Swati Khandelwal
As part of monthly patch update, Microsoft released eight security bulletins on Tuesday that address dozens of vulnerabilities including a zero-day flaw reportedly being exploited by Russian hackers to target NATO computers and a pair of zero-day Windows vulnerabilities that attackers have been exploiting to penetrate major corporations' networks. Just a day before yesterday, our team reported you about a Zero-day vulnerability discovered by the cyber intelligence firm iSight Partners affecting all supported versions of Microsoft Windows and is being exploited in a five-year old cyber-espionage campaign against the Ukrainian government and U.S organisations. Researchers at FireEye found two zero-day flaws, used in separate, unrelated attacks involving exploitation of Windows kernel, just a day after iSight partners disclosed zero-day in Windows. The pair of zero-day vulnerabilities could allow an attacker to access a victim's entire system. According to the res
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.