As you might recall, Microsoft offered a solution to systems administrators to set the local administrator password on domain-joined devices using Group Policy Preferences, but ended the solution, almost a year ago, when the encoding mechanism was decoded and an attack was created towards this vulnerability (CVE-2014-1812). Introducing LAPS Yesterday, Microsoft introduced version 6 … Continue reading "Security Thoughts: Microsoft Local Administrator Password Solution (LAPS, KB3062591)"
For its February 2015 Patch Tuesday on Tuesday February 10, Microsoft has released two security bulletin to address issues in Group Policy that would allow an attacker using a Man-in-the-middle (MitM) approach to bypass security policies, by forging packets sent by Domain Controllers. The situation In many organizations, Group Policies are used to centrally … Continue reading "Vulnerabilities in Group Policy could allow security policy bypassing (MS15-011, MS15-014, CVE-2015-0008, CVE-2015-0009)"
Last week, Microsoft released Security Bulletin MS04-025, including guidance and an update that resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if Active Directory Group Policy preferences are used to distribute passwords across the domain – a practice that could allow an attacker to retrieve and decrypt the … Continue reading "Security Thoughts: Passwords in Group Policy Preferences (CVE-2014-1812)"
Windows 8 and Windows Server 2012 are cloud-optimized Operating Systems. One of the areas where this is visible is the ability to connect domain accounts to Microsoft accounts (formerly known as Windows Live IDs). In this blogpost I’ll show you how this functionality works and how you can disable this functionality altogether or granularly with … Continue reading "New features in Active Directory Domain Services in Windows Server 2012, Part 9: Connected Accounts"