Microsoft Security Bulletin MS14-068 – Critical

This security update resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. Read more at https://technet.microsoft.com/library/security/MS14-068