Azure AD Web Sign-in Security Feature Bypass Vulnerability (CVE-2021-27092, Important)

Today, for its April 2021 Patch Tuesday, Microsoft released an important security update for the Azure AD web sign-in feature in Windows and Windows Server. This vulnerability is known as CVE-2021-27092 and rated with CVSSv3.0 scores of 6.8/5.9. About Azure AD Web Sign-in Web Sign-in is a new way of signing into a Windows system. … Continue reading "Azure AD Web Sign-in Security Feature Bypass Vulnerability (CVE-2021-27092, Important)"

PFX Encryption Security Feature Bypass Vulnerability (CVE-2021-1731, Important)

Today, for its February 2021 Patch Tuesday, Microsoft released an important security update for certificates in Windows and Windows Server. This vulnerability is known as CVE-2021-1731 and rated with CVSSv3.0 scores of 5.5/4.8. When glancing over the vulnerability, it might not be a particularly important vulnerability, but its implications are wide and deep; This PFX … Continue reading "PFX Encryption Security Feature Bypass Vulnerability (CVE-2021-1731, Important)"

Windows Lock Screen Security Feature Bypass Vulnerability (Important, CVE-2020-17099, CVSSv3 6.8/5.9)

Yesterday, for its December 2020 Patch Tuesday, Microsoft released an important security update addressing a Windows Lock Screen Security Feature Bypass Vulnerability .   About the vulnerability An authenticated user has signed into a device and locks his or her active session. An attacker with physical access could then perform actions that would allow them … Continue reading "Windows Lock Screen Security Feature Bypass Vulnerability (Important, CVE-2020-17099, CVSSv3 6.8/5.9)"

KnowledgeBase: LSASS on Windows 10 version 20H2 crashes and reboots unexpectedly on systems with renamed built-in administrator or guest accounts

On October 20th, 2020, Microsoft released Windows 10, version 20H2 build 19042 to Visual Studio Subscribers and organizations with access to the Software Download Center and the Volume Licensing Service Center. This version is also known as Windows 10 ‘October 2020 Update’. Last week, Microsoft acknowledged an issue causing forced restarts on devices running Windows … Continue reading "KnowledgeBase: LSASS on Windows 10 version 20H2 crashes and reboots unexpectedly on systems with renamed built-in administrator or guest accounts"

Windows 10, version 20H2 build 19042 introduces five new Group Policy settings

On October 20th, 2020, Microsoft released Windows 10, version 20H2 build 19042 to Visual Studio Subscribers and organizations with access to the Software Download Center and the Volume Licensing Service Center. This version is also known as Windows 10 ‘October 2020 Update’. This Windows version introduces five new Group Policy settings.   New Group Policy … Continue reading "Windows 10, version 20H2 build 19042 introduces five new Group Policy settings"

Knowledgebase: Important Issues for Windows 10, version 20H2 build 19042

On October 20th, 2020, Microsoft released Windows 10, version 20H2 build 19042 to Visual Studio Subscribers and organizations with access to the Software Download Center and the Volume Licensing Service Center. This version is also known as Windows 10 ‘October 2020 Update’. On this page you can view the critical issues, that have currently been … Continue reading "Knowledgebase: Important Issues for Windows 10, version 20H2 build 19042"

Identity-related new features in Windows 10, version 20H2 build 19042

Yesterday, Microsoft released Windows 10, version 20H2 build 19042 to Visual Studio Subscribers and organizations with access to the Software Download Center and the Volume Licensing Service Center. This version is also known as Windows 10 ‘October 2020 Update’. It’s time to look at the new Identity-related features in this version of Windows 10:   … Continue reading "Identity-related new features in Windows 10, version 20H2 build 19042"

HOWTO: Repurpose an Azure AD-joined device in an organization without Intune

Many organizations are adopting Azure AD Join as the mechanism to create a trust relationship between their Windows 10-based devices and their Identity solution. In the obligatory joiners/workers/leavers processes, however, it might make sense to repurpose an Azure AD-joined devices to another person in the organization. In this blogpost I’ll explain how to achieve this … Continue reading "HOWTO: Repurpose an Azure AD-joined device in an organization without Intune"

Happy Birthday, Windows 10!

On July 29th, 2015, Microsoft made Windows 10 generally available to people worldwide. Today, we celebrate Windows 10’s 5th anniversary! At its release, Windows 10 offered many new features, including its new release schedule, Cortana, the Action Center and Microsoft Edge. Its identity, security and management features make a lot of difference for large organizations, … Continue reading "Happy Birthday, Windows 10!"

Windows 10, version 2004 introduces 134 new Group Policy settings

Microsoft has released Windows 10 version 2004 build 19041 (or ‘Windows 10 May 2020 Update’) through Windows Server Update Services (WSUS) and Windows Update for Business. It was previously already available as download from Visual Studio Subscriptions, the Software Download Center (via Update Assistant or the Media Creation Tool), and the Volume Licensing Service Center. … Continue reading "Windows 10, version 2004 introduces 134 new Group Policy settings"