Vulnerability in Kerberos Allows Elevation of Privilege

Recently, Microsoft has released a security update (MS14-068) for Windows Server. The patched vulnerability is in the Windows Kerberos Key Distribution Center (KDC), which generates the session tickets to identities within Active Directory while accessing the Domain’s resources. When clients request access to a resource, they contact the ticket-granting service in the target resource domain, …