On-premises Identity-related updates and fixes for July 2022

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. This is the list of Identity-related updates and fixes we saw for July 2022: Windows Server 2016 We observed the following update for Windows Server 2016: … Continue reading "On-premises Identity-related updates and fixes for July 2022"

On-premises Identity-related updates and fixes for June 2022

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. This is the list of Identity-related updates and fixes we saw for June 2022:   Windows Server 2016 We observed the following update for Windows Server … Continue reading "On-premises Identity-related updates and fixes for June 2022"

On-premises Identity-related updates and fixes for May 2022

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. This is the list of Identity-related updates and fixes we saw for May 2022:   Windows Server 2016 We observed the following update for Windows Server … Continue reading "On-premises Identity-related updates and fixes for May 2022"

On-premises Identity-related updates and fixes for March 2022

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. This is the list of Identity-related updates and fixes we saw for March 2022: Windows Server 2016 We observed the following update for Windows Server 2016: … Continue reading "On-premises Identity-related updates and fixes for March 2022"

A Windows SMBv3 Remote Code Execution Vulnerability affects your Windows Server 2022-based Domain Controllers (CVE-2022-24508)

Today, for its March 2022 Patch Tuesday, Microsoft released an important security update for domain controllers running Windows Server. This vulnerability is known as CVE-2022-24508 and rated with CVSSv3.1 scores of 8.8/7.7. A remote code execution exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who … Continue reading "A Windows SMBv3 Remote Code Execution Vulnerability affects your Windows Server 2022-based Domain Controllers (CVE-2022-24508)"

On-premises Identity-related updates and fixes for February 2022

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. For December 2021, Microsoft announced that the preview updates would be skipped, because of minimal operations during the holidays and the upcoming Western new year. These … Continue reading "On-premises Identity-related updates and fixes for February 2022"

Windows Server 2022 suffers a Windows DNS Server Remote Code Execution Vulnerability (CVE-2022-21984)

Today, for its February 2022 Patch Tuesday, Microsoft released an important security update for DNS Servers running Windows Server. This vulnerability is known as CVE-2022-21984 and rated with CVSSv3.1 scores of 8.8/7.7. A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers. An attacker who successfully exploited the vulnerability could run arbitrary … Continue reading "Windows Server 2022 suffers a Windows DNS Server Remote Code Execution Vulnerability (CVE-2022-21984)"

On-premises Identity-related updates and fixes for January 2022

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. For December 2021, Microsoft announced that the preview updates would be skipped, because of minimal operations during the holidays and the upcoming Western new year. These … Continue reading "On-premises Identity-related updates and fixes for January 2022"

Wormable Critical HTTP Protocol Stack Remote Code Execution Vulnerability affects Windows Server 2019- and 2022-based AD FS Servers (CVE-2022-21907)

During its Patch Tuesday on January 11th, 2022, Microsoft addressed a Remote Code Execution (RCE) security vulnerabilities that affects Windows Server 2019- and Windows Server 2022-based Active Directory Federation Services (AD FS) servers. About the vulnerability CVE-2022-21907 details a remote code execution vulnerability that can be used to attack AD FS servers over the internet. … Continue reading "Wormable Critical HTTP Protocol Stack Remote Code Execution Vulnerability affects Windows Server 2019- and 2022-based AD FS Servers (CVE-2022-21907)"

On-premises Identity-related updates and fixes for December 2021

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. For December 2021, Microsoft announced that the preview updates would be skipped, because of minimal operations during the holidays and the upcoming Western new year. These … Continue reading "On-premises Identity-related updates and fixes for December 2021"