Microsoft Windows Kerberos Checksum Remote Privilege Escalation Vulnerabilities

Summary

The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a forged signature in a ticket, as exploited in the wild in November 2014, aka ‘Kerberos Checksum Vulnerability.’

Credit:

The information has been provided by The Qualcomm Information Security & Risk Management team, with special recognition for Tom Maddock.


Details

Vulnerable Systems:
 * Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2

Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges within the context of the application; this can result in the attacker gaining complete control of the affected system.

CVE Information:
CVE-2014-6324

Disclosure Timeline:
Original release date: 11/18/2014
Last revised: 12/02/2014

Categories: Windows