Kerberos Security Feature Bypass Vulnerability (Important, CVE-2020-16996, CVSSv3 6.5/5.7)

Today, for its December 2020 Patch Tuesday, Microsoft released an important security update for Active Directory Domain Services (AD DS).   About the vulnerability A Kerberos Security Feature Bypass vulnerability exists in Microsoft’s implementation of the Kerberos network authentication protocol. This vulnerability is described in detail in CVE-2020-16996. If you use Protected Users and Resource-Based … Continue reading "Kerberos Security Feature Bypass Vulnerability (Important, CVE-2020-16996, CVSSv3 6.5/5.7)"

VMware vSphere 7.0 Update 1 introduces an interface for advanced time synchronization configuration

Back in July 2019, I wrote a blogpost on managing Active Directory Time Synchronization on VMware vSphere. This blogpost details how to configure time settings for Domain Controllers running as virtual machines on top of VMware vSphere. This blogpost introduced the concept of advanced time synchronization configuration. Now it’s time for an update; both for … Continue reading "VMware vSphere 7.0 Update 1 introduces an interface for advanced time synchronization configuration"

The video of my presentation at the 2020 Hybrid Identity Protection Conference is now available

The Hybrid Identity Protection Conference is Semperis Inc.’s event in the spirit of The Expert Conference (TEC) to bring together the leading experts in the field of Identity and Access Management. The event offers a unique opportunity to spend time with peers, whose day-to-day job is to architect, manage, and protect identity management in the … Continue reading "The video of my presentation at the 2020 Hybrid Identity Protection Conference is now available"

The video of our presentation at Veeam Live is now available

Veeam organized its Veeam Live event on October 20th, 2020. Veeam is defining the future of cloud data solutions and helping today’s businesses securely and reliably protect and easily recover their data. At Veeam Live, they offered data protection management guidance, showed how to up your data protection game and allowed to connect with like-minded … Continue reading "The video of our presentation at Veeam Live is now available"

Two vulnerabilities in VMware ESXi may lead to virtual Domain Controller compromise (Critical, VMSA-2020-0026, CVE-2020-4004, CVE-2020-4005)

Today, VMware released an update that addresses a use-after-free vulnerability in the XHCI USB controller (CVE-2020-4004) and a VMX elevation-of-privilege vulnerability CVE-2020-4005). Together these two vulnerabilities can be used to compromise virtual Domain Controllers running on ESXi. Note: The vulnerabilities exist in VMware Cloud Foundation, too. The two vulnerabilities were responsibly disclosed to VMware by … Continue reading "Two vulnerabilities in VMware ESXi may lead to virtual Domain Controller compromise (Critical, VMSA-2020-0026, CVE-2020-4004, CVE-2020-4005)"

Kerberos Security Feature Bypass Vulnerability (Important, CVE-2020-17049, CVSSv3 6.6)

Yesterday, for its November 2020 Patch Tuesday, Microsoft released an important security update for Active Directory Domain Services (AD DS).   About the vulnerability A Kerberos Security Feature Bypass vulnerability exists in Microsoft’s implementation of the Kerberos network authentication protocol. This vulnerability is described in detail in CVE-2020-17049. A security feature bypass vulnerability exists in … Continue reading "Kerberos Security Feature Bypass Vulnerability (Important, CVE-2020-17049, CVSSv3 6.6)"

The video of my talk at the European SharePoint Office 365 and Azure Conference is now available

The European SharePoint, Office 365 & Azure Conference (ESPC) is Europe’s leading online community, providing educational resources and encouraging collaboration. Therefore, I was more than happy to announce that I was returning as a speaker for the European SharePoint, Office 365 and Azure Conference (ESPC) 2020. On October 15th, while my pre-recorded presentation was playing, … Continue reading "The video of my talk at the European SharePoint Office 365 and Azure Conference is now available"

Azure AD Connect version 1.3.20.0 and older versions are no longer supported

As announced as part of the Azure AD Connect Version Release History page and shared here earlier, yesterday marked the end of Azure AD Connect version 1.3.20.0 and older versions of Azure AD Connect. This way, Microsoft starts enforcing its 18-month support policy for Azure AD Connect versions. For Azure AD Connect admins, running an … Continue reading "Azure AD Connect version 1.3.20.0 and older versions are no longer supported"

Group Policy Elevation of Privilege Vulnerability (CVE-2020-16939, Important)

On Tuesday October 13th 2020, Microsoft released updates for all supported versions of Windows and Windows Server to address an elevation of privilege vulnerability in Group Policy, marked as important. Its official common vulnerabilities and exposures (CVE) id is CVE-2020-16939. Yesterday, the Zero Day Initiative (ZDI) shared more details and a Proof of Concept (PoC). … Continue reading "Group Policy Elevation of Privilege Vulnerability (CVE-2020-16939, Important)"

From the Field: The case of the randomly rebooting Domain Controllers

Troubleshooting stories from the field are the best. That’s why I like writing them down. Although, sometimes they might appear as straight cases of schadenfreude, I feel there are lessons to be learned for anyone, if you’re willing to look closely and listen carefully. Last month, I experienced an issue with all four Domain Controllers … Continue reading "From the Field: The case of the randomly rebooting Domain Controllers"