Today, for its March 2022 Patch Tuesday, Microsoft released an important security update for domain controllers running Windows Server. This vulnerability is known as CVE-2022-24508 and rated with CVSSv3.1 scores of 8.8/7.7. A remote code execution exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who … Continue reading "A Windows SMBv3 Remote Code Execution Vulnerability affects your Windows Server 2022-based Domain Controllers (CVE-2022-24508)"
Category: Windows Server 2022
Microsoft Windows Server 2022
On-premises Identity-related updates and fixes for February 2022
Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. For December 2021, Microsoft announced that the preview updates would be skipped, because of minimal operations during the holidays and the upcoming Western new year. These … Continue reading "On-premises Identity-related updates and fixes for February 2022"
Windows Server 2022 suffers a Windows DNS Server Remote Code Execution Vulnerability (CVE-2022-21984)
Today, for its February 2022 Patch Tuesday, Microsoft released an important security update for DNS Servers running Windows Server. This vulnerability is known as CVE-2022-21984 and rated with CVSSv3.1 scores of 8.8/7.7. A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers. An attacker who successfully exploited the vulnerability could run arbitrary … Continue reading "Windows Server 2022 suffers a Windows DNS Server Remote Code Execution Vulnerability (CVE-2022-21984)"
On-premises Identity-related updates and fixes for January 2022
Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. For December 2021, Microsoft announced that the preview updates would be skipped, because of minimal operations during the holidays and the upcoming Western new year. These … Continue reading "On-premises Identity-related updates and fixes for January 2022"
Wormable Critical HTTP Protocol Stack Remote Code Execution Vulnerability affects Windows Server 2019- and 2022-based AD FS Servers (CVE-2022-21907)
During its Patch Tuesday on January 11th, 2022, Microsoft addressed a Remote Code Execution (RCE) security vulnerabilities that affects Windows Server 2019- and Windows Server 2022-based Active Directory Federation Services (AD FS) servers. About the vulnerability CVE-2022-21907 details a remote code execution vulnerability that can be used to attack AD FS servers over the internet. … Continue reading "Wormable Critical HTTP Protocol Stack Remote Code Execution Vulnerability affects Windows Server 2019- and 2022-based AD FS Servers (CVE-2022-21907)"
On-premises Identity-related updates and fixes for December 2021
Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. For December 2021, Microsoft announced that the preview updates would be skipped, because of minimal operations during the holidays and the upcoming Western new year. These … Continue reading "On-premises Identity-related updates and fixes for December 2021"
On-premises Identity-related updates and fixes for November 2021
Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. These are the Identity-related updates and fixes we saw for November 2021: Windows Server 2016 We observed the following updates for Windows Server 2016: KB5007192 November … Continue reading "On-premises Identity-related updates and fixes for November 2021"
On-premises Identity-related updates and fixes for October 2021
Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. These are the Identity-related updates and fixes we saw for October 2021: Windows Server 2016 We observed the following updates for Windows Server 2016: KB5006669 October … Continue reading "On-premises Identity-related updates and fixes for October 2021"
On-premises Identity-related updates and fixes for September 2021
Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. Additionally, Windows Server 2022 received its first share of updates, last month. These are the Identity-related updates and fixes we saw for September 2021: Windows Server 2016 We … Continue reading "On-premises Identity-related updates and fixes for September 2021"
KnowledgeBase: The Windows Server 2022 Active Directory DFL and FFL do not exist
Just as there are no Windows Server 2019 Forest Functional Level (FFL) or Windows Server 2019 Domain Functional Level (DFL), there are no Windows Server 2022 FFL or DFL either in Microsoft Windows Server’s Active Directory Domain Services (AD DS). Impact The unavailability of the Windows Server 2022 Forest Functional Level (FFL) and Windows … Continue reading "KnowledgeBase: The Windows Server 2022 Active Directory DFL and FFL do not exist"