RealTime IT News

Microsoft Goes Out-of-Band for Priviledge Escalation Flaw

MS14-068, is now out in an emergency out-of-band patch update for a critical vulnerability in the Windows Kerberos authentication mechanism.

The vulnerability has been identified as CVE-2014-6324, and, according to Microsoft's advisory, an attacker could potentially exploit the Kerberos vulnerability to elevate unprivileged domain user account privileges to those of the domain administrator account.

"An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers," Microsoft warned. "When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability."

Read the full story at eWEEK:
Microsoft Issues Emergency Patch for Kerberos Bug

Sean Michael Kerner is a senior editor at InternetNews.com. Follow him on Twitter @TechJournalist.