https://technet.microsoft.com/en-us/library/security/MS14-068 For anyone running an AD environment, MS released a new critical update to address a privilege elevation attack that allows anyone with valid domain user rights to elevate to domain admin. Targeted attacks are already occurring using this vector. Get it patched on servers as quickly as possible, especially DCs.