Users of Microsoft Security Bulletin please be advised of a Local Security Subsystem Service Could Allow Elevation of Privilege vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
MS10-068: Vulnerability in Local Security Authority Subsystem Service Could Allow Elevation of Privilege
This security update resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if an authenticated attacker sent specially crafted Lightweight Directory Access Protocol (LDAP) messages to a listening LSASS server. In order to successfully exploit this vulnerability, an attacker must have a member account within the target Windows domain. However, the attacker does not need to have a workstation joined to the Windows domain.
Read more at www.criticalwatch.com
See this Amp at http://bit.ly/b5OLs1
No comments:
Post a Comment