Microsoft issues "critical" out of band Windows Server patch
Software giant rolls out Windows Server update following reports of exploitation in the wild
Microsoft has released a "critical" out of band patch for all supported versions of Windows Server to prevent hackers gaining unauthorised access to IT systems.
Redmond's patch targets a vulnerability affecting the Kerberos KDC, which is an authentication service used to verify users and services on open and unsecured networks, and could allow an 'elevation of privilege' attack to take place.
"The vulnerability exists when the Microsoft Kerberos KDC implementations fail to properly validate signatures, which can allow for certain aspects of a Kerberos service ticket to be forged," Microsoft explained in a security alert.
Microsoft has graded the vulnerability as "critical" and said it affects all supported versions of Windows Server, from 2003 to 2012.
"An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers," the Microsoft security alert warned.
The software giant also confirmed it was aware that "limited, targeted attacks" had already taken place, as hackers looked to exploit the Kerberos security flaw, but none of these had involved Windows Server 2012 or 2012 R2 users.
An update to address the issue was reportedly scheduled for inclusion in the November round of Patch Tuesday security fixes, but was postponed.
Sign up today and you will receive a free copy of our Future Focus 2026 report - the leading resource for IT decision-maker insight on priorities and investment areas in AI, security and more.
Wolfgang Kandek, CTO of security firm Qualys, said the fact the flaw is already being exploited explains why Microsoft has released it now, rather than wait for next month's Patch Tuesday.
"This bulletin was held back due to some last minute testing needs," Kandek revealed.
"Now Microsoft releases it out-of-band because they have seen some limited exploitation of the vulnerability in the wild," he added.
Caroline Donnelly was the news and analysis editor of IT Pro. Previously, she worked as a reporter at several B2B publications, including UK channel magazine CRN, and as features writer for local weekly newspaper, The Slough and Windsor Observer. She studied Medical Biochemistry at the University of Leicester and completed a Postgraduate Diploma in Magazine Journalism at PMA Training in 2006.
-
ITPro is 20!We take a look back on the past two decades since ITPro launched...
-
Cyber experts issue alert after two ransomware groups team up on ‘unprecedented’ threat campaignNews The tie-up includes a new model of industrialized ransomware deployment that significantly lowers the barrier to entry for cyber crime