Microsoft Security Bulletin MS14-068 - Critical

On November 18, 2014, Microsoft announced a critical security flaw in the Kerberos protocol in bulletin MS14-068. The flaw is referenced as CVE-2014-6324.

Kerberos is an authentication protocol used on untrusted networks. Authentication and data encryption rely on a key exchange. The protocol is one of the authentication and security components available in Active Directory.

What does it allow?

The flaw would allow a malicious person to grant themselves administrator-level rights within an Active Directory domain. They could then compromise any equipment joined to the domain.

Since when does it exist?

Windows Server versions are particularly affected. However, as a precaution and to address the flaw more comprehensively, a patch was also deployed for the desktop versions. The flaw is present in all of the following versions of Windows:

  • Windows Server 2003
    • Windows Server 2003 Service Pack 2
    • Windows Server 2003 x64 Edition Service Pack 2
    • Windows Server 2003 with SP2 for Itanium-based Systems
  • Windows Vista
    • Windows Vista Service Pack 2
    • Windows Vista x64 Edition Service Pack 2
  • Windows Server 2008
    • Windows Server 2008 for 32-bit Systems Service Pack 2
    • Windows Server 2008 for x64-based Systems Service Pack 2
    • Windows Server 2008 for Itanium-based Systems Service Pack 2
  • Windows 7
    • Windows 7 for 32-bit Systems Service Pack 1
    • Windows 7 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2
    • Windows Server 2008 R2 for x64-based Systems Service Pack 1
    • Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
  • Windows 8 and Windows 8.1
    • Windows 8 for 32-bit Systems
    • Windows 8 for x64-based Systems
    • Windows 8.1 for 32-bit Systems
    • Windows 8.1 for x64-based Systems
  • Windows Server 2012 and Windows Server 2012 R2
    • Windows Server 2012
    • Windows Server 2012 R2
  • Server Core installation option
    • Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
    • Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
    • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
    • Windows Server 2012 (Server Core installation)
    • Windows Server 2012 R2 (Server Core installation)

How to fix it?

Update your Windows installation. The patch has been released and should appear in the list of updates offered by Windows Update. More information about the patch is available here: KB 3011780. You will be asked to restart to complete the installation of this update.

We recommend performing all your backups before starting the operation.
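Once the update and restart are done, the installation can be checked per host. The script below is an added example, not part of the Microsoft bulletin or of this advisory's original text; the function name `Get-KbStatus` and the default host list are assumptions to adapt to your environment.

```powershell
# Added example (not from the bulletin): report whether KB3011780 is recorded as installed.
param(
    # Hosts to check; defaults to the local machine. Replace with your own list (assumption).
    [string[]]$ComputerName = @($env:COMPUTERNAME),
    [string]$KbId = 'KB3011780'   # KB number given in this advisory
)

# Hypothetical helper: returns one status object per host.
function Get-KbStatus {
    param([string]$Computer, [string]$Kb)
    $status = 'NotRecorded'
    $installedOn = $null
    try {
        # List every recorded update and filter locally, so that an empty result
        # (KB absent) is distinguishable from a failed query (host unreachable).
        $fix = Get-HotFix -ComputerName $Computer -ErrorAction Stop |
               Where-Object { $_.HotFixID -eq $Kb } |
               Select-Object -First 1
        if ($fix) {
            $status = 'Installed'
            $installedOn = $fix.InstalledOn
        }
    } catch {
        $status = "QueryFailed: $($_.Exception.Message)"
    }
    New-Object PSObject -Property @{
        Computer    = $Computer
        KB          = $Kb
        Status      = $status
        InstalledOn = $installedOn
    }
}

$results = foreach ($c in $ComputerName) { Get-KbStatus -Computer $c -Kb $KbId }
$results | Select-Object Computer, KB, Status, InstalledOn | Format-Table -AutoSize

# Non-zero exit code if any host is not confirmed as patched.
if ($results | Where-Object { $_.Status -ne 'Installed' }) { exit 1 }
```

`Get-HotFix` reads the Win32_QuickFixEngineering WMI class, so a `NotRecorded` result means the host's update history should be reviewed by hand before it is treated as unpatched.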

We remind you that it is recommended to regularly update your applications and services, to guarantee their stability and security.

If you have a managed or shared service, please be aware that our teams are already taking the necessary steps to apply the patch across our infrastructure.

