Technical Information

Brief overview of the risk:
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker with access to a primary domain controller (PDC) on a target network runs a specially crafted application to establish a secure channel to the PDC as a backup domain controller (BDC).

Detailed Information on the risk:

An elevation of privilege vulnerability exists in Netlogon that is caused when the service improperly establishes a secure communications channel to a primary domain controller (PDC). To successfully exploit this vulnerability, an attacker would first need to have access to a PDC on a target network. An attacker could then run a specially crafted application that could establish a secure channel to the PDC as a backup domain controller (BDC) and may be able to disclose credentials. Servers configured as domain controllers are at risk from this vulnerability. The update addresses the vulnerability by modifying the way that Netlogon handles establishing secure channels.

Further information on this exploit is available at : MS15-071

Windows Server 2003 Service Pack 2 
Windows Server 2003 x64 Edition Service Pack 2 
Windows Server 2003 with SP2 for Itanium-based Systems 
Windows Server 2003 R2 Service Pack 2 
Windows Server 2003 R2 x64 Edition Service Pack 2 
Windows Server 2008 for 32-bit Systems Service Pack 2 
Windows Server 2008 for x64-based Systems Service Pack 2 
Windows Server 2008 for Itanium-based Systems Service Pack 2 
Windows Server 2008 R2 for x64-based Systems Service Pack 1 
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 
Windows Server 2012 and Windows Server 2012 R2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 
Windows Server 2012 R2 (Server Core installation)