An array of cyber criminals have been exploiting a critical weakness that exists in all versions of Microsoft’s Windows Server in order to gain access to entire networks of computers instead of just individual ones. Since the potential consequences of such widespread attacks are dire, Microsoft responded to the threat with its prompt release of an emergency patch to prevent this from happening. This patch comes on the heels of the monthly scheduled updates, so Microsoft urges users to double-check that the patch has also been installed for the best security protocols.
The November 2014 Patch Tuesday actually includes 16 security patches, and five of those are deemed critical by Microsoft’s experts. It is, therefore, an update you don’t want to miss. One of the included patches, MS14-068, addresses the issue that allows cyber criminals to gain domain administrator rights through the Windows component Microsoft Windows Kerberos KBC. Once the attacker gains the elevated privilege he can then impersonate any account and add themselves to any group. They can also install software and change data or create any new accounts they wish. This could allow the attacker to compromise other computers in the domain, including domain controllers.
This is clearly a grave concern for organizations worldwide because one misstep by an individual who unwittingly releases malware into a single computer can actually compromise an entire network, causing a group-wide security issue. Although home Windows users aren’t as likely to be attacked, Microsoft encourages everyone to download the patch because there are already reported instances of cyber criminals using that vulnerability to their advantage. The Qualcomm Information Security & Risk Management team is credited with discovering this weakness in Windows Server and has played a key role in the development of the emergency update.