CVE-2015-6095

Name of the Vulnerable Software and Affected Versions Windows Vista SP2 Windows Server 2008 SP2 and R2 SP1 Windows 7 SP1 Windows 8 Windows 8.1 Windows Server 2012 Gold and R2 Windows RT Gold and 8.1 Windows 10 Gold and 1511

Description The issue is related to how Kerberos in Windows handles password changes, allowing physically proximate attackers to bypass authentication. This can lead to decryption attacks against certain BitLocker configurations by connecting to an unintended Key Distribution Center (KDC). The vulnerability is associated with errors in managing registration data, which can be exploited by a local attacker to bypass the authentication procedure or obtain BitLocker keys.

Recommendations For Windows Vista SP2, update the system to address the Kerberos security feature bypass issue. For Windows Server 2008 SP2 and R2 SP1, apply the necessary patch to fix the Kerberos authentication bypass vulnerability. For Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511, ensure that Kerberos is properly configured to check password changes for users signing into a workstation, and consider restricting access to Key Distribution Centers (KDCs) to minimize the risk of exploitation. As a temporary workaround, consider disabling Kerberos authentication on target machines until a patch is available.