Major bug CVE-2014-6324 is targeting active directories: A Newmind PSA

It’s 5 PM on a Monday, do you know who’s accessing your directories? A significant new vulnerability has been hitting Windows networks this week, but it’s (hopefully) not too late for you to take action on it.

Technet tells us that attackers could gain elevated admin access to your network, if the exploit is followed through on unprotected software. Scary as this may sound, you should still have time to fortify your security with your IT staff or MSP. And if you’re a Newmind client, then we’ve already got you covered!

Who could be affected?

The exploit was first discovered on Windows Server 2008R2, but they’ve traced it through many other Windows platforms. A full list can be found on Technet’s blog.

While the recent attacks have all targeted specific organizations, Microsoft believes that individuals exploiting this bug, called CVE-2014-6324, will soon be targeting other networks indiscriminately. This means that the time to act is now!

All that it takes for network to become infected a single executable file, that could reach you from any online source. If a user clicks that file while logged in to your active directory, it begins running instantly, and spreads as soon as you open other programs on your computer. The attacker can then run any code they want, as if they had domain admin rights.

Long story short, this is a very serious threat.

So what action should you take?

Thankfully, Microsoft has issued the necessary patch, called MS14-68, to defend against this exploit. So if you’re still not up-to-date, contact your CIO or MSP, and get patching now!

 
Need sound advice on network security? Give us a call. Any other security questions?