MS15-122: Security Update for Kerberos to Address Security Feature Bypass (3105256)
High Nessus Plugin ID 86828
Synopsis
The remote Windows host is affected by a security feature bypass vulnerability.

Description
The remote Windows host is affected by a security feature bypass vulnerability in Kerberos due to a failure to check the password change of a user signing into a workstation. A remote attacker can exploit this vulnerability by connecting a workstation to a malicious Kerberos Key Distribution Center (KDC), resulting in the ability to decrypt drives protected by BitLocker.
Note that this vulnerability can only be exploited if the target system has BitLocker enabled without a PIN or USB key, and the computer is domain-joined.

Solution
Microsoft has released a set of patches for Windows Vista, 2008, 7, 2008 R2, 8, RT, 2012, 8.1, RT 8.1, 2012 R2, and 10.