Microsoft issues out-of-band patch – but wait for now.

Microsoft has issued an out-of-band patch for MS14-068, as mentioned at Dark Reading.

This is a server patch for Windows 2008 and Windows 2012. It is a critical patch because Kerberos authentication needs this fix.

Dr. Ullrich of SANS has a statement: “Ullrich says privilege escalation rarely gets the critical rating because the step of escalating user privilege alone doesn’t lead to a compromise.”

Despite Microsoft’s recommendations of escalated patching, Ullrich says, given the high volume of security patches from Microsoft this month as well as problems with some of them, it’s probably best to test it first and wait a week before deploying it. “I consider this bug critical,” he says, but it doesn’t need to be patched in a rush.

 

I would heed Dr. Ullrich’s advice and wait a little bit before patching. Here is the SANS isc.sans.edu link

The other side: http://securityaffairs.co/wordpress/30320/security/microsoft-patch-kerberos-bug.html says to patch the elevation of privilege. There is a good image on their site.
