CVE-2014-6324 issued against Microsoft's handling of KDC PAC's.

Jeremy Allison jra at
Wed Nov 26 15:22:30 MST 2014

On Wed, Nov 26, 2014 at 09:28:41PM +1300, Andrew Bartlett wrote:
> We should probably put something up saying we are not vulnerable, and
> anyone running a Windows AD server really, really should upgrade.  This
> is one of the nastiest issues in a long time, and is being exploited in
> the wild. 

Andrew, can you write up some text for this and
maybe we can get it up on the main
website as the reverse of a security-note.

I'm off for US Thanksgiving until Monday,
so don't expect anything more from over
here until then, sorry :-).


More information about the samba-technical mailing list