Tuesday, November 18, 2014

Microsoft Fixes Critical Kerberos Flaw Under Attack With Out-of-Band Patch

Last week, Microsoft released 14 security bulletins as part of Patch Tuesday for November 2014. The updates included four rated as critical, including one for a vulnerability that affects the Windows Secure Channel (SChannel) security package.

Interestingly, two updates originally scheduled for release last week (MS14-068 and MS14-075) were held back.

On Tuesday, Nov. 18, in an out-of-band release, Microsoft published security bulletin MS14-068. Rated as critical, the patch addresses a vulnerability in the Microsoft Windows Kerberos KDC that could allow an attacker to elevate the privileges of an unprivileged domain user account to those of the domain administrator account.

Microsoft said the vulnerability has been exploited in limited, targeted attacks.

“An attacker who successfully exploited this vulnerability could impersonate any user on the domain, including domain administrators, and join any group,” Microsoft explained. “By impersonating the domain administrator, the attacker could install programs; view, change or delete data; or create new accounts on any domain-joined system.”

The flaw, which was privately reported to Microsoft, requires that an attacker have valid domain credentials in order to be exploited. The affected component is reachable remotely by users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only, Microsoft explained. In other words, the bar is a single set of valid domain credentials, not an existing privileged foothold, so any compromised or malicious domain user can reach the KDC.

Microsoft said that the security update is rated critical for all supported editions of Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2. Additionally, Microsoft provided the update on a “defense-in-depth basis” for all supported editions of Windows Vista, Windows 7, Windows 8, and Windows 8.1. The critical rating applies to the server editions because the vulnerable KDC runs only on domain controllers; the client update does not close the hole on its own.

Why did Microsoft hold back on releasing the patch last week? The answer is unclear, but there are several plausible reasons.

“It is not uncommon for a bad patch to be pulled in the QA process,” Tyler Reguly, director of security research at Tripwire, told SecurityWeek.

Reguly also suggested that Microsoft may have considered rethinking its release date this month because of Veterans Day in the US and Remembrance Day in Commonwealth nations, to ensure IT/IS teams were available and fully staffed to react to the massive patch drop.

“MS14-068 was originally scheduled to be released with November’s Patch Tuesday and was held back, presumably due to a potential for a negative side effect of the patch or some question about the completeness of the patch,” Ross Barrett, senior manager of security engineering at Rapid7, told SecurityWeek. “Obviously, since Microsoft is aware of ‘limited targeted attacks,’ they were motivated to get the fix out as soon as possible, rather than wait for December.”

Regardless of the reasoning, administrators should apply the security update (MS14-068) to every domain controller as soon as possible; a single unpatched domain controller is enough for an attacker to obtain domain administrator privileges.

“The mitigating factor here is that an attacker must have already authenticated as a valid domain user to exploit this vulnerability,” Barrett added.
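Because the fix only helps once it is on every domain controller, the first thing a practitioner wants after reading the above is a way to confirm that. The script below is an added example written for this page, not code from the article or from Microsoft. It assumes that MS14-068 installs as hotfix KB3011780 (the KB number is not stated in the article), that the RSAT ActiveDirectory module is available where it runs, that PowerShell remoting (WinRM) is enabled on the domain controllers, and that the caller has rights to query installed hotfixes on them.

```powershell
# Added example (not from the article): audit every domain controller for the
# MS14-068 update. Assumption: MS14-068 ships as KB3011780 (not stated in the
# article); override with -KB if your environment maps it differently.
param(
    [string]$KB = 'KB3011780'
)

Import-Module ActiveDirectory

# Enumerate DCs from the directory rather than a hand-maintained list;
# the forgotten DC is the one that stays vulnerable.
$dcs = Get-ADDomainController -Filter * | Select-Object -ExpandProperty HostName

$report = foreach ($dc in $dcs) {
    try {
        # Get-HotFix -Id returns nothing (or errors, on older versions) when the
        # hotfix is absent; SilentlyContinue folds both cases into $null.
        $hotfix = Invoke-Command -ComputerName $dc -ErrorAction Stop -ScriptBlock {
            param($id)
            Get-HotFix -Id $id -ErrorAction SilentlyContinue
        } -ArgumentList $KB

        [pscustomobject]@{
            DomainController = $dc
            Patched          = [bool]$hotfix
            InstalledOn      = if ($hotfix) { $hotfix.InstalledOn } else { $null }
            Status           = 'Checked'
        }
    }
    catch {
        # An unreachable DC is reported, not skipped: treat it as unpatched
        # until someone proves otherwise.
        [pscustomobject]@{
            DomainController = $dc
            Patched          = $false
            InstalledOn      = $null
            Status           = "Unreachable: $($_.Exception.Message)"
        }
    }
}

$report | Sort-Object Patched, DomainController | Format-Table -AutoSize

$unpatched = @($report | Where-Object { -not $_.Patched })
if ($unpatched.Count -gt 0) {
    Write-Warning ("{0} domain controller(s) still lack {1}; until every DC is patched, " +
                   "any valid domain user can elevate to domain administrator against them." -f
                   $unpatched.Count, $KB)
    exit 1
}
```

Run it from a management host with a domain account that can query the domain controllers; a non-zero exit code makes it usable as a gate in a scheduled job. Windows Server 2003 domain controllers will typically show up as unreachable, since they lack PowerShell remoting by default, and must be checked by hand.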

Tags : Microsoft

