Understanding MS14-068

In November 2014, Microsoft issued a critical patch addressing a Kerberos issue on domain controllers.  This vulnerability enables an attacker to leverage any authenticated session to create a Kerberos ticket which can have any group membership in the Active Directory domain, to include membership in domain admins, schema admins, enterprise admins, or BUILTIN\Administrators.  In addition, a … Continue reading Understanding MS14-068