On Tuesday, August 13, 2013 Microsoft, in its monthly Patch Tuesday, released MS13-066, a Security Bulletin addressing an issue with Active Directory Federation Services. This security update resolves a privately reported vulnerability in Active Directory Federation Services (AD FS). reveal information pertaining to the service account used by AD FS. An attacker could then attempt … Continue reading "MS13-066 Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (Important)"
Security and practicality often clash, especially with legacy software in the mix. Legacy software is painful from a security point of view. If you want to know how painful, keep on reading this blogpost. It features legacy functionality, unsupported software and security holes the size of Jupiter.
One year of Windows XP support remains. After twelve years, now is the time to migrate off this 2001 Operating System or to take your security measures to assure your colleagues experience the least impact of the End of Support (EoS) situation. Of course, migrating to a later version of Windows or to another (supported) … Continue reading "So you want to continue using Windows XP?"
The Microsoft marketing department has decided to label a few of the incredible Windows features in Windows 7 and Windows 8 as ‘To Go’. Prime examples, of course, are ‘BitLocker-To-Go’ (encryption of removable drives) and ‘Windows-To-Go’ (running Windows from a removable drive). This week, I’m labeling the Windows Sidebar (Windows Vista) and Windows Desktop Gadgets … Continue reading "Windows Gadgets and Windows Sidebar to Go"
Most people spend the short days and long nights of December with loved ones. At Microsoft, December is a vacation month for a lot of employees as the end of December marks the first half of the fiscal year and targets have mostly been met. For the Active Directory team, however, December marked the fourth … Continue reading "Active Directory-related KnowledgeBase articles for December 2011"
It’s not very uncommon for Microsoft to issue a patch for a problem in Active Directory technologies (including Active Directory Domain Services, Lightweight Directory Services, Certificate Services, Rights Management Services, Federation Services and Group Policy). In this blog post, let’s look at some statistics
On Tuesday November 13, 2011 Microsoft, in its monthly Patch Tuesday, released a Security Bulleting addressing an issue with Active Directory. To exploit this vulnerability, an attacker would first need to acquire credentials to log on to an Active Directory domain. An attacker could then run a specially crafted application that could exploit the vulnerability … Continue reading "MS11-095 Vulnerability in Active Directory could allow Remote Code Execution (Important)"
While days are getting shorter in my part of the world, Microsoft relentlessly continues to address issues in Active Directory. Between November 1, 2011 and November 30, 2011 Microsoft introduced one Active Directory-related KnowledgeBase article with information, seven Active Directory-related KnowledgeBase articles with hotfixes, one KnowledgeBase article linked to a Active Directory-related Security Bulletin and … Continue reading "Active Directory-related KnowledgeBase articles for November 2011"
Whenever a worm utilizes the normal access and daily tools systems admins use, there is a significant problem. After all, shutting down the attack vector suddenly isn’t that easy. So, without making dramatic changes to your environment, how can you rest assured?
Microsoft touts the smaller attack surface as one of the biggest benefits of using Server Core, compared to a Full installation of Windows Server 2008. Because a Server Core installation is optimized, it doesn’t include most of the vulnerabilities found in Full installations. A consequence of these optimizations is a Server Core installation might need … Continue reading "The Server Core Updates Estimation, Revisited"