• »
  • Latest Threats
  • Desktop
  • Server
  • critical Severity (Can fully compromise system)

Windows Vista 7 and 8 vulnerability allows attacker to elevate privileges to administrator

critical Severity            Affects:
Windows Vista
Windows 7
Windows 8
Windows 8.1
Windows RT
Windows RT 8.1

A flaw in the Kerberos KDC protocol for Windows versions since Vista allows a malicious user to elevate privileges to administrator level. This vulnerability has been documented in the following advisory: Kerberos Checksum Vulnerability - CVE-2014-6324 

Kerberos is a protocol that is used to mutually authenticate users and services on an open and unsecured network. It allows services to correctly identify the user of a Kerberos ticket without having to authenticate the user at the service. It does this by using shared secret keys.

An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability.

The security update addresses the vulnerability by correcting signature verification behavior in Windows implementations of Kerberos.


The following versions of Windows desktop edition are affected:

Windows Vista
Windows 7
Windows 8 and Windows 8.1
Windows RT and Windows RT 8.1


Also, this affects the following server Windows versions as well:

Windows Server 2003
Windows Server 2008
Windows Server 2008 R2
Windows Server 2012 and Windows Server 2012 R2
Server Core installation option

[Read advisory for Windows Server]


RECOMMENDATION

Patching in the vulnerability:

The fix patch is applied via Windows Update on the affected machine(s).

To view more in-depth details about the affected versions see Microsoft Security Bulletin MS14-068

There are no known workarounds.