Windows Lock Screen Security Feature Bypass Vulnerability (Important, CVE-2020-17099, CVSSv3 6.8/5.9)

Yesterday, for its December 2020 Patch Tuesday, Microsoft released an important security update addressing a Windows Lock Screen Security Feature Bypass Vulnerability .   About the vulnerability An authenticated user has signed into a device and locks his or her active session. An attacker with physical access could then perform actions that would allow them … Continue reading "Windows Lock Screen Security Feature Bypass Vulnerability (Important, CVE-2020-17099, CVSSv3 6.8/5.9)"

On-premises Identity-related updates and fixes for November 2020

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the Identity-related updates and fixes we saw for November 2020: Windows Server 2016 We observed the following updates for Windows Server 2016: KB4586830 November 10, 2020 The … Continue reading "On-premises Identity-related updates and fixes for November 2020"

On-premises Identity-related updates and fixes for October 2020

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the Identity-related updates and fixes we saw for October 2020:   Windows Server 2016 We observed the following updates for Windows Server 2016: KB4580346 October 13, 2020 … Continue reading "On-premises Identity-related updates and fixes for October 2020"

On-premises Identity-related updates and fixes for September 2020

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. Note: Although much attention was given this month to Secura’s ZeroLogon attack and the advice to update Windows Servers acting as Domain Controller immediately,, the underlying vulnerability was actually … Continue reading "On-premises Identity-related updates and fixes for September 2020"

An important update addresses a Spoofing Vulnerability in AD FS

Yesterday, for its September 2020 Patch Tuesday, Microsoft released an important security update for Active Directory Federation Services (AD FS). About the vulnerability A spoofing vulnerability exists when Active Directory Federation Services (AD FS) on Windows Server 2016 and Windows Server 2019 improperly handles multi-factor authentication requests. This vulnerability is described in detail in CVE-2020-0837. … Continue reading "An important update addresses a Spoofing Vulnerability in AD FS"

RoboCopy supports Copying Files over SMB with Compression on Windows Server 2019, and beyond

Microsoft is working hard to add features to Windows Server vNext, but is not forgetting about the vast majority of organizations that run Windows Server 2019 and might like the same functionality. The feature that I want to discuss with you today is SMB compression with robocopy.exe. SMB Compression with Robocopy The announcement for Windows … Continue reading "RoboCopy supports Copying Files over SMB with Compression on Windows Server 2019, and beyond"

On-premises Identity updates & fixes for August 2020

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for August 2020:   Windows Server 2016 We observed the following updates for Windows Server 2016: KB4571694 August 11, 2020 The … Continue reading "On-premises Identity updates & fixes for August 2020"

On-premises Identity updates & fixes for July 2020

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for July 2020: Windows Server 2016 We observed the following updates for Windows Server 2016: KB4565511 July 14, 2020 The July … Continue reading "On-premises Identity updates & fixes for July 2020"

HOWTO: Enable Extended Protection for Authentication on the SQL Servers hosting the AD FS and Azure AD Connect databases

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. In the pervious post of this series, we discussed encrypting traffic between AD FS Servers, servers running Azure … Continue reading "HOWTO: Enable Extended Protection for Authentication on the SQL Servers hosting the AD FS and Azure AD Connect databases"

On-premises Microsoft Identity-related updates and fixes for June 2020

Even though Microsoft's Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for June 2020:   Windows Server 2016 We observed the following updates for Windows Server 2016: KB4561616 June 9, 2020 The … Continue reading "On-premises Microsoft Identity-related updates and fixes for June 2020"