Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Active Directory vulnerability could allow privilege escalation


Report ID: MS201111004
Date Published: 10 November 2011

Criticality: Important
Compromise Type: privilege-escalation
Compromise From: remote


Affected Product/Component:

Active Directory
Active Directory Application Mode (ADAM)
Active Directory Lightweight Directory Service (AD LDS)




Summary

A vulnerability in Active Directory could allow an attacker to access network resources or execute code with authorized user privileges.



Detailed Description

Microsoft has issued a security update that addresses a vulnerability reported in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). Systems with Active Directory installed and configured to use Lightweight Access Directory Protocol (LDAP) over SSL (LDAPS) are at highly at risk.

The cause of the vulnerability is Active Directory's failure to validate the revocation status of an SSL certificate, allowing the certificate to be accepted as valid. An attacker could take advantage of this condition to gain authentication to Active Directory domain using a revoked certificate assocaiated with a valid account on the domain. Upon successful exploitation, the attacker could be able to access network resources or run code with authorized user privileges. 

The issued security update patches this vulnerability by correcting the way that Active Directory verifies certificate against the Certification Revocation List (CRL). As a protection from potential exploit, users are recommended to install this latest update.

 



CVE Reference

CVE-2011-2014



Solution

Install the latest security patch for applicable component, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms11-086)



Online Virus Scanner

 
Run a quick online virus scan of your computer.