This week has not been a great one for Windows administrators. After a huge Patch Tuesday, ridding the platform of some nasty remote code execution bugs and critical flaws in core components such as Schannel, another massive flaw has been disclosed out-of-band.
MS14-068 (CVE-2014-6324) is a critical bug in the Kerberos Key Distribution Centre (KDC) on Windows domain controllers. It allows any domain user with a set of valid credentials to escalate their privileges to domain admin, gaining near-total control of the infrastructure and enabling the elevated account to do whatever it desires on the platform.
Attackers require a valid corporate credential, but once obtained, something that is trivial in the age of the big password dumps and malware everywhere, they can easily escalate to the prized domain admin level by forging the Privilege Attribute Certificate (PAC) inside a Kerberos ticket. The PAC lists the user's group memberships; because a vulnerable KDC fails to validate the PAC's signature properly, a forged PAC claiming membership of Domain Admins is accepted as genuine.
Unfortunately, once domain admin has been achieved, it is a trivial task to cover the tracks of the original attack and create new domain admin accounts for use in the future.
MS14-068 in the real world would be like scribbling the word "pilot" on a boarding pass and being waved through the throng of travellers to the front of the plane.
The channel should test and deploy the patch immediately for customer organisations, starting with domain controllers, and move MS14-068 to the front of the long line of patches required for organisations to remain secure.
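Before trusting a customer's patch reports, a quick check of every domain controller for the MS14-068 hotfix (KB3011780) is the first thing a practitioner would want. The script below is an added example and not part of the original column; it assumes the RSAT ActiveDirectory module is available, that the account running it can query the DCs remotely, and that KB3011780 is the only article number the fix was shipped under in this domain.

```powershell
# Added example: check every domain controller for the MS14-068 hotfix (KB3011780).
# Assumes the ActiveDirectory module (RSAT) is installed and the caller can reach the DCs over WMI.
Import-Module ActiveDirectory

$Kb = 'KB3011780'   # MS14-068 (CVE-2014-6324) knowledge base article number

$results = foreach ($dc in Get-ADDomainController -Filter *) {
    $name = $dc.HostName
    try {
        # Get-HotFix writes a non-terminating error when the ID is absent, so suppress it
        # and treat an empty result as "not installed".
        $fix = Get-HotFix -Id $Kb -ComputerName $name -ErrorAction SilentlyContinue
        [pscustomobject]@{
            DomainController = $name
            Reachable        = $true
            Patched          = [bool]$fix
            InstalledOn      = if ($fix) { $fix.InstalledOn } else { $null }
        }
    }
    catch {
        # Unreachable DCs are reported rather than silently skipped: an unverified DC is an unpatched DC.
        [pscustomobject]@{
            DomainController = $name
            Reachable        = $false
            Patched          = $false
            InstalledOn      = $null
        }
    }
}

$results | Sort-Object Patched, DomainController | Format-Table -AutoSize

$unpatched = $results | Where-Object { -not $_.Patched }
if ($unpatched) {
    Write-Warning ("MS14-068 missing or unverified on {0} domain controller(s): {1}" -f `
        $unpatched.Count, ($unpatched.DomainController -join ', '))
}
```

Every DC in the forest must be patched: a single unpatched KDC is enough for a forged PAC to be accepted, regardless of how many of its peers have the fix.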
Gavin Millard is EMEA technical director at Tenable Network Security