
Security Thoughts: Azure Active Directory Passport Library for Node.js is vulnerable for authentication bypass (CVE-2016-7191)

Written on September 29, 2016 at 10:24 AM, by

Last night, we received a notification that some older versions of the Azure Active Directory Passport Library for Node.js (Passport-Azure-AD) are vulnerable to authentication bypass, because the ValidateIssuer setting wasn’t recognized, resulting in incorrectly validated tokens. An attacker who successfully exploits this vulnerability could bypass Azure Active Directory authentication to a targeted […]

Why Lifecycle Management can’t be a mere afterthought anymore

Written on September 23, 2016 at 7:35 AM, by

The world we live in has changed significantly over the past few years. We can no longer afford to use our traditional approach to IT. We need to adopt a new way of thinking. In my opinion, this way of thinking doesn’t end with maintenance, but starts with lifecycle management.   The traditional approach Enterprises […]

I’m an expert at the Dutch 2016 TechDays

Written on September 22, 2016 at 8:06 PM, by

Ever since I delivered a session at the Dutch 2011 TechDays with Marien de Gelder, I’ve been a regular at the Dutch TechDays events, hosted by Microsoft Netherlands’ DX team. Some TechDays editions I was invited as a speaker, other years I was asked to deliver hands-on advice to attendees as a subject matter expert […]

Azure AD Connect version has been released

Written on September 12, 2016 at 11:14 AM, by

Last week, Microsoft released a new version of Azure AD Connect for all your on-premises Active Directory Domain Services and LDAP v3 to Azure Active Directory, and thus Office 365, synchronization needs. Version of Azure AD Connect, dubbed the August 2016 release, adds fixes and improvements. Fixed issues This version introduces fixes for the […]

Azure Multi-Factor Authentication Server version for your convenience

Written on August 24, 2016 at 2:03 PM, by

This week, Microsoft released version of its on-premises Azure Multi-Factor Authentication Server to replace the revoked Azure Multi-Factor Authentication Server v7.1.1.1 bits, due to a signing issue in the Azure Multi-Factor Authentication User Portal, that resulted in problems with some Azure Multi-Factor Authentication Server deployments.   What’s New Allow users to choose their authentication […]

Why the Azure Active Directory Windows PowerShell Module is good news

Written on August 22, 2016 at 4:31 PM, by

Last week, Microsoft announced a new preview version of the Azure Active Directory Windows PowerShell Module. This is good news! Let me tell you why.   About the Azure AD PowerShell Module Using the Azure Active Directory Windows PowerShell Module, Azure AD Admins can manage several aspects of Azure Active Directory for their organizations and/or […]

Microsoft Authenticator – One easy-to-use app for all your multi-factor authentication needs

Written on August 15, 2016 at 11:35 PM, by

As announced on July 25, today, Microsoft’s new Microsoft Authenticator app replaces both its Azure Authenticator and Microsoft Account app as the one easy-to-use app for all your multi-factor authentication needs. Now, I’m not sure whether Microsoft will use the above slogan for the app, but to me it sums up what this new app […]

Security Thoughts: Update for Windows Authentication Methods (KB3178465, MS16-101, CVE-2016-3237, CVE-2016-3300, Important)

Written on August 10, 2016 at 8:54 PM, by

Yesterday, during its August Patch Tuesday, Microsoft released security update KB3178465 for Windows Authentication Methods, among other security-related updates. This update addresses two vulnerabilities in Microsoft’s implementation of its authentication methods in Active Directory scenarios: CVE-2016-3237 and CVE-2016-3300. About the vulnerabilities Microsoft Kerberos Elevation of Privilege Vulnerability (CVE-2016-3237) A security feature bypass vulnerability exists […]

Azure Multi-Factor Authentication Server version is here

Written on July 21, 2016 at 7:52 AM, by

After March’s major release of Azure Multi-Factor Authentication Server, it’s good to see an update for the product released in a timely fashion to address the issues that inevitably arise with a major release, as opposed to minor releases. As the Azure MFA team in Redmond is headed by a new manager, since then, it’ll also […]

Default checks to perform when implementing Hybrid Identity, Part 4: Groups with large memberships

Written on July 14, 2016 at 7:00 PM, by

Microsoft has introduced an impressive array of technologies and an awesome vision on Hybrid Identity: Their vision entails seamless access to corporate resources, services and applications for people, no matter where these resources, services and apps are located (either on-premises or in the cloud) while in the meantime allowing for strong authentication and granular […]