JASBUG: High-Risk Security Vulnerability Discovered by JAS Global Advisors
The JASBUG security vulnerability is now public.
All computers and devices that are members of a corporate Active Directory may be at risk. The vulnerability is remotely exploitable and may grant the attacker administrator level privileges on the target machine/device.
JASBUG was discovered by the cybersecurity experts at JAS, while working with our partner simMachines on a research project for our client ICANN.
Please read the JASBUG Fact Sheet for additional details.
In addition, Microsoft provides a good explanation of the exploit here: MS15-011 Overview.
Subsequent to the initial announcement of JASBUG, JAS CEO and founder Jeff Schmidt has provided additional commentary on JASBUG here. This commentary cuts through some of the Fear Uncertainty and Doubt (FUD) and focus on a few points that really matter.
IT Professionals administering Microsoft networks should immediately review material from Microsoft.
Interview requests should be directed to jas-pr@walkersands.com.