VMware addresses ‘ESX Admins’ authentication bypass vulnerability (CVE-2024-37085) in ESXi 8.0 Update 3

Today, Broadcom issued a second update to VMSA-2024-003 for VMware ESXi, specifically to address the vulnerability CVE-2024-37085. This vulnerability, with a CVSSv3 base score of 6.8 out of 10 (Moderate), allowed an adversary with sufficient Active Directory permissions to gain full access to ESXi hosts.   About the vulnerability For an adversary to abuse this … Continue reading "VMware addresses ‘ESX Admins’ authentication bypass vulnerability (CVE-2024-37085) in ESXi 8.0 Update 3"

On-premises Identity-related updates and fixes for July 2024

Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for July 2024:   Windows Server 2016 We observed the following update … Continue reading "On-premises Identity-related updates and fixes for July 2024"

Sympathy for the devil, empathy for the Identity professional

Working with Microsoft-focused identity admins, I noticed a couple of common themes with these fellow identity people that make them feel like they can't make any right decisions anymore, they got stuck somehow and feel miserable all the time… In their minds, a perfect storm is raging. Identity professionals in this state are experienced as … Continue reading "Sympathy for the devil, empathy for the Identity professional"

On-premises Identity-related updates and fixes for June 2024

Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for June 2024:   Windows Server 2016 We observed the following update … Continue reading "On-premises Identity-related updates and fixes for June 2024"

On-premises Identity-related updates and fixes for May 2024

Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for May 2024:   Windows Server 2016 We observed the following update … Continue reading "On-premises Identity-related updates and fixes for May 2024"

A Denial of Service vulnerability threatens the availability of virtual Domain Controllers on VMware ESXi (VMSA-2024-0011, Important, CVE-2024-22273)

This week, Broadcom VMware released an update that addresses a vulnerability in ESXi. This vulnerability could be abused to negatively impact the availability of virtual Domain Controllers running on ESXi hosts. Note:  The vulnerability exists in VMware Cloud Foundation, too. The vulnerability was responsibly disclosed to Broadcom VMware.   About the DoS vulnerability The vulnerability … Continue reading "A Denial of Service vulnerability threatens the availability of virtual Domain Controllers on VMware ESXi (VMSA-2024-0011, Important, CVE-2024-22273)"

On-premises Identity-related updates and fixes for April 2024

Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for April 2024:   Windows Server 2016 We observed the following update … Continue reading "On-premises Identity-related updates and fixes for April 2024"

The video of my session on Backing up and Restoring Virtual Domain Controllers for the Dutch Veeam User Group Meetup is now available

On Tuesday March 19th, I presented a 20-minute session on backing up and restoring virtual Domain Controllers as part of the Veeam User Group Netherlands Meetup. My goal was to offer four tips and tricks to get in to a zen state as an Active Directory admin when worrying about backing up and restoring virtual … Continue reading "The video of my session on Backing up and Restoring Virtual Domain Controllers for the Dutch Veeam User Group Meetup is now available"

On-premises Identity-related updates and fixes for March 2024

Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for March 2024:   Windows Server 2016 We observed the following update … Continue reading "On-premises Identity-related updates and fixes for March 2024"

DTAPR – Is it worthwhile to add a Ransomware Recovery environment?

Serious IT environments don't just have a test environment. They also have development, acceptance and/or production environments. 🤡 For applications, having a development, test, acceptance (on-premises) and/or staging (typically cloud) implementation or instance seems common. For infrastructure, however, it is not. The availability, confidentiality and integrity of many Active Directory environments needlessly suffer because of … Continue reading "DTAPR – Is it worthwhile to add a Ransomware Recovery environment?"