TPS-2014-005 Kerberos Checksum Vulnerability (CVE-2014-6324) Advisory

This notice is to advise Joyent Public Cloud and Smart Data Center customers of the recently identified Kerberos Checksum Vulnerability (CVE-2014-6324) for anyone using Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2.

If you are running a Windows VM, your environment may allow remote authenticated domain users to obtain domain administrator privileges via a forged signature in a ticket. For more information on this vulnerability as well as steps you can take to mitigate CVE-2014-6324, please see:

If you have any questions or concerns about CVE-2014-6324 please raise a ticket at or by email to