Plesk Panel for Windows security flaw

December 8, 2014, the Parallels security team discovered a flaw deemed critical. Parallels immediately announced the discovery of this vulnerability with a patch publicly.

Is that it allows?

A critical security in Parallels Plesk Panel for Windows vulnerability has been recently identified. This could allow users to allow access to the data of other users of the Plesk server. This vulnerability is limited to Plesk for Windows.

Since when does it exist?

The fault is present on versions of Plesk Panel 10.4.4 11.0, 11.5 and 12.0.

Microsoft Security Bulletin MS14-068 - Critical

November 18, 2014, Microsoft announced a critical security flaw in the Kerberos protocol bulletin MS14-068. The latter is referenced under code CVE-2014-6324.

Microsoft Security Bulletin MS14-066 - Critical

Update 2014-11-19 10:40 UTC + 1

November 18, Microsoft released a new version of its patch KB 2992611. If you had already patched, the patch must be re-applied. < br / > The latter is available through Windows Update.