12 results for ms14068

MS14-068: Vulnerability in (Active Directory) Kerberos Could Allow Elevation of Privilege

Active Directory leverages the Kerberos protocol for authentication. The vulnerability patches an issue with how the Domain Controller validates group membership in Kerberos tickets (hint: the ticket is always validated by the DC if the checksum is set to certain values). Microsoft KB3011780 patches this issue. According to Microsoft: “When this security bulletin was issued, …

Continue reading

Security Resources

This page is a reference with security documents, posts, videos and presentations I find useful for staying up to date on current security issues and exploits. Last Updated: May 2016 Note that this page isn’t actively updated. Visit the Attack, Defense, & Detection page for updated content.   Microsoft Enterprise & Active Directory Security Documents (& Blog …

Continue reading