The May 2022 updates for all supported versions of Windows Server may cause Active Directory authentication failures. Microsoft is investigating the issue. A workaround is available for organizations experiencing issues. The situation The Windows updates of May 10th, 2022, address several vulnerabilities on Domain Controllers, including several of the ten LDAP Remote Code Execution vulnerabilities … Continue reading "The May 2022 Windows Updates may cause Active Directory Authentication Failures"
One Identity My home network has been Ubiquiti Unifi stuff for years now and I am quite happy with their products. It didn't fail me during numerous video conferencing calls since March 2020 (you know why…). Now that I am increasingly away from home, I do use the L2TP VPN solution more often to acces … Continue reading "Ubiquiti UID and Microsoft 365: SSO with your VPN"
I’m proud to share that I’ll be presenting at Techorama Belgium for the fourth time as an accepted speaker for Techorama Belgium 2022. About Techorama Techorama Belgium is a yearly international technology conference that takes place at Kinepolis Metropolis Antwerp. Techorama welcomes 1700 attendees, a healthy mix between developers, IT Professionals, Data Professionals and SharePoint … Continue reading "I’m speaking at Techorama Belgium 2022"
When looking at the May 2022 Patch Tuesday today, I noticed an update that specifically addresses an LSA Spoofing vulnerability. This vulnerability is specific to Domain Controllers (in the default configuration), so this sparked my interest in the update. About the vulnerability A spoofing vulnerability exists in the Windows Local Security Authority (LSA). This vulnerability … Continue reading "The May 2022 Patch Tuesday addresses an LSA Spoofing vulnerability (Important, CVE-2022-26925, CVSSv3 8.1-9.8)"
When looking at the May 2022 Patch Tuesday today, I noticed ten updates that specifically address Remote Code Execution (RCE) vulnerabilities in Windows LDAP. These vulnerabilities are specific to Domain Controllers (in the default configuration), so this sparked my interest in these updates. Ten Windows LDAP RCE vulnerabilities Ten Windows LDAP remote code execution vulnerabilities … Continue reading "The May 2022 Patch Tuesday addresses 10 LDAP Remote Code Execution vulnerabilities (Critical, CVSSv3 9.8)"
Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. This is the list of Identity-related updates and fixes we saw for April 2022: Windows Server 2016 We observed the following update for Windows Server 2016: … Continue reading "On-premises Identity-related updates and fixes for April 2022"
Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for April 2022: What’s New Microsoft Defender for Endpoint Signal in Identity … Continue reading "What's New in Azure Active Directory for April 2022"
This month the beta exam MS-220: Troubleshooting Microsoft Exchange Online became available. This exam will provide the Microsoft 365 Certified: Exchange Online Support Engineer Specialty. Microsoft Learning announced this new certification in March. Because it's a beta exam there is not a lot of training material or courses (yet) you can use to prepare. I've … Continue reading "Exam MS-220 Exchange Online Troubleshooting list of sources"
On May 9th, 2022, I will be presenting a masterclass, together with Raymond Comvalius for IT-University.nl. Dutch Raymond and I will be presenting on establishing device trust in the modern age. Over 95% of organizations over 50 people use Active Directory today. Active Directory is the main target for attackers. This leads to data leaks … Continue reading "You’re invited to the IT-University Masterclass – Securing Active Directory using cloud services… Say What!?"
When looking at the April 2022 Patch Tuesday today, I noticed eighteen updates that specifically address vulnerabilities in DNS Server. These vulnerabilities are specific to Domain Controllers running DNS Server (in the default configuration), so this sparked my interest in these updates. Eighteen DNS Server vulnerabilities Seventeen Remote Code Execution vulnerabilities Seventeen DNS Server … Continue reading "The April 2022 Patch Tuesday addresses 18 vulnerabilities for Domain Controllers running as DNS Servers"