Microsoft issues out-of-band patch – but wait for now.

MS14-068 has been issued an out-of-band patch, as mentioned at Darkreading

This is a Server patch – for Windows 2008, and Windows 2012 patch, this is a critical patch due to Kerberos authentication  needing this fix.

SANS Dr. Ullrich has a statement: ” Ullrich says privilege escalation rarely gets the critical rating because the step of escalating user privilege alone doesn’t lead to a compromise.”

Despite Microsoft’s recommendations of escalated patching, Ullrich says, given the high volume of security patches from Microsoft this month as well as problems with some of them, it’s probably best to test it first and wait a week before deploying it. “I consider this bug critical,” he says, but doesn’t need to be patched in a rush.


I would heed Dr. Ullrich’s advice and wait a little bit before patching.  Here is the SANS link


other side:  says to patch   elevation of privilege – good image on their site.



Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.