Microsoft Windows Kerberos PKINIT Man In The Middle Vulnerability

by George Chetcuti [Published on 25 July 2013 / Last Updated on 25 July 2013]

Microsoft has released fixes to address this issue on supported platforms.

The PKINIT implementation in Microsoft Windows is susceptible to a man in the middle vulnerability. This issue affects Microsoft Systems Windows XP to Windows Server 2003 editions and is due to a failure of the software to properly validate network data. This issue is only exploitable by attackers that have access to valid logon credentials. Attackers exploit this issue to spoof the domain controller/KDC during the initial authentication process.

The recommendations are to block external access at the network boundary, unless external parties require service. Also, to allow only trusted hosts and networks to connect to affected Kerberos servers. TCP and UDP port 88 should be filtered at the network boundary.

Read more here - http://www.symantec.com/security_response/vulnerability.jsp?bid=14520

Add Review or Comment

See Also

Featured Links