Businesses in San Diego that are running Microsoft Windows SBS Servers should make note of a very major security hole in the system’s credential verification process.
Microsoft released a crucial security update on Tuesday that will supposedly plug a hole that allows attackers to elevate their own user credential to the status of administrator, and from there they’ll have virtually unlimited access to systems that are hooked up to the local area network.
The update, MS14-068, fixed a bug in Window’s Kerberos KDC authentication component. The issue applies more so to the server version of Windows, and Microsoft rates the security update as critical. It’s not often that Microsoft digress away from releasing updates on the second Tuesday of every month, but the recent Kerberos bug can cause irreversible damages if not patched.
According to Chris Goettl of the security firm Shavlik:
“The attacker could forge a Kerberos Ticker and send that to the Kerberos KDC which claims the user is a domain administrator. From there the attacker can impersonate any domain accounts, add themselves to any group, install programs, view, change or delete dates, or create any new account they wish. This could allow the attacker to then compromise any computer in the domain, including domain controllers.”
“This is pretty severe and definitely explains why Microsoft only delayed the release and did not pull it from the November Patch Tuesday release all together,” Goettl added, referring to the fact the Microsoft had intended to release the security update earlier last month.
Companies in the San Diego area need to contact their IT support team immediately to resolve this issue. As mentioned prior, the MS14-068 is critical, and any damages incurred because the patch was not applied may be permanent.
