MS Active Domain vulnerability; Patch now

November 19, 2014

If you operate Windows servers in a Windows Active Directory Domain, be advised that a significant vulnerability has been discovered and is being actively exploited. The vulnerability is known as CVE-2014-6324 and is the subject of a patch that was released yesterday.

Quoting from Microsoft's security blog posting: "CVE-2014-6324 allows remote elevation of privilege in domains running Windows domain controllers. An attacker with the credentials of any domain user can elevate their privileges to that of any other account on the domain (including domain administrator accounts)."

Due to the substantial risk posed by this vulnerability to server and AD integrity, all Windows servers with this vulnerability should be patched immediately. More information about the vulnerability and the available patch can be found at https://technet.microsoft.com/library/security/MS14-068.