Security Thoughts: Leveraging NTLM Hashes using Kerberos RC4-HMAC encryption (AKA Aorato’s Active Directory Vulnerability)

In a blogpost today, Tal Be'ery, Vice President Research at Aorato, an Israeli security company consisting of veterans of the Israeli Defense Forces specializing in Active Directory, published how weak encryption enables an attacker to change a victim’s password without being logged. Labeled as a vulnerability in Active Directory, this information sparked some controversy, so … Continue reading "Security Thoughts: Leveraging NTLM Hashes using Kerberos RC4-HMAC encryption (AKA Aorato’s Active Directory Vulnerability)"

I’ll be speaking at Ngi-NGNs ‘Systems Management: Beyond Control’ event

I’ve been associated with the Dutch Networking User Group (NGN) for almost five years now. I’ve been speaking at their events and have helped others achieve the same goal. NGN has recently joined forces with the Dutch Platform for IT Professionals (Ngi), and an old tradition has been dusted off: We’re organizing a Windows Server-themed … Continue reading "I’ll be speaking at Ngi-NGNs ‘Systems Management: Beyond Control’ event"

I was interviewed by Marqit.tv at the Tooling Event (Dutch)

Last month, I was present at the Dutch Tooling Event to talk to (potential) customers about my employer’s product and project portfolio. This event gets organized for people with an interest in IT systems management, IT service management, mobile device management and other IT-related themes. During the event, I was interviewed alongside Pieter Lacroix (Managing … Continue reading "I was interviewed by Marqit.tv at the Tooling Event (Dutch)"

Managing your Windows Server 2012 and Windows Server 2012 R2-based networking infrastructure with the Windows 8.1 RSAT

Managing a complex networking infrastructure can be as challenging as upgrading it to the latest version. While some organizations have adopted jump servers to allow admins to effectively manage their Windows Servers, other organizations rely on the Remote Server Administration Tools (RSAT). Now, with Microsoft’s new dynamic release schedule, it has become easier to upgrade … Continue reading "Managing your Windows Server 2012 and Windows Server 2012 R2-based networking infrastructure with the Windows 8.1 RSAT"

KnowledgeBase: Update adds support for Windows 8.1 and Windows Server 2012 R2 clients to Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 KMS hosts

I’ve written before on Active Directory-based Activation. This new activation method allows domain-joined Windows 8 clients, Windows 8.1 clients, Windows Server 2012 and Windows Server 2012 R2-based member servers to be activated and deactivated automatically based on their domain membership. I’m very fond of this feature. However, for many enterprise organizations, Active Directory-based Activation is … Continue reading "KnowledgeBase: Update adds support for Windows 8.1 and Windows Server 2012 R2 clients to Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 KMS hosts"

MS13-079 Vulnerability in Active Directory could allow denial of service (Important)

Earlier this week, during the September 2013 Patch Tuesday, Microsoft has released a new Active Directory-related security bulletin: MS13-079. With the third Active Directory-related Security bulletin this year, (after MS13-066 and MS13-032) Microsoft is sure having its hands full on patching the vulnerabilities found in these technologies.

KnowledgeBase: An update is available that improves management of weak certificate cryptographic algorithms in Windows

Last month, Microsoft has released KnowledgeBase article 2862966 An update is available that improves management of weak certificate cryptographic algorithms in Windows as a helping hand to administrators to indicate and/or eradicate the use of weak cryptographic algorithms in their networking environments.

MS13-066 Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (Important)

On Tuesday, August 13, 2013 Microsoft, in its monthly Patch Tuesday, released MS13-066, a Security Bulletin addressing an issue with Active Directory Federation Services. This security update resolves a privately reported vulnerability in Active Directory Federation Services (AD FS). reveal information pertaining to the service account used by AD FS. An attacker could then attempt … Continue reading "MS13-066 Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (Important)"

Security Thoughts: Are you still running XML Core Services (MSXML) 4.0 with Service Pack 2 in your environment?

Security and practicality often clash, especially with legacy software in the mix. Legacy software is painful from a security point of view. If you want to know how painful, keep on reading this blogpost. It features legacy functionality, unsupported software and security holes the size of Jupiter.