Microsoft Authenticator – One easy-to-use app for all your multi-factor authentication needs

As announced on July 25, today Microsoft's new Microsoft Authenticator app replaces both its Azure Authenticator and Microsoft Account app as the one easy-to-use app for all your multi-factor authentication needs. Now, I'm not sure whether Microsoft will use the above slogan for the app, but to me it sums up what this new app …

Certificate Services and Hardware Security Modules

Many deployments of Active Directory Certificate Services are done without a Hardware Security Module (HSM). Depending on the use of the issued certificates, this does not have to be a problem. In some deployments, however, not incorporating an HSM into the design can be a serious security risk. What …

The end is nigh for Exchange 2007: support nearing end and some other reasons to upgrade

The Exchange Team blog reminded us today that in about a year the extended support for Exchange Server 2007 will end. This means no more updates of any kind, not even security updates. Feature updates already stopped 4 years earlier when mainstream support ended. The product will continue to run, but the longer it's being …

In light of Windows 10: Comparing Service and Privacy agreements

There's been a lot of media attention regarding Windows 10 and privacy concerns. Unfortunately, not all reports contain correct facts, while others suggest some of the implemented technology is unique to Windows 10. There's a lot of bad reporting (do some of them even fact-check?) or even malicious FUD (Fear, Uncertainty and Doubt) out …

Checking security protocols and ciphers on your Exchange servers

Microsoft states that Exchange 2010 and 2013 are secure out of the box. By this they mean that all traffic coming in and out of Exchange, whether web traffic or SMTP, is one way or another encrypted with security protocols. Even IMAP and POP are enabled with mandatory encryption (although the …

IIS Exploit can reboot your Windows Server; install patch KB3042553 ASAP

This week Microsoft released a patch for Windows 7/Windows Server 2008 R2 and up that fixes a critical remote code execution bug; see MS15-034 and CVE-2015-1635 for more info. Unfortunately, the patch was reverse engineered and an exploit is now available. This was detected and described by ISC SANS. They added Denial of Service (DoS) as a possible impact, …

Security Thoughts: LSASS Protection in Windows 8.1 and Windows Server 2012 R2

I've written about Pass-the-Hash (PtH) attacks before. Today, I'm writing about the cleanup mechanisms that Microsoft introduced with Windows 8.1 and Windows Server 2012 R2 to remove lingering passwords and password hashes from Windows. These mechanisms help protect against Pass-the-Hash (PtH) attacks.

KEMP LoadMaster vs IIS 8.0 ARR: a note on security

Introduction: In my spare time I like to test the software and appliances that I work with for security flaws. Since the Heartbleed bug made news headlines around the world, I take extra measures to secure everything that needs SSL to work. NOTE: KEMP has released a firmware that patches the Heartbleed vulnerability. Please download it and …

KnowledgeBase: A hotfix is available that records more information in event ID 5125 for an OCSP response

Last month, Microsoft released a KnowledgeBase article for Active Directory Certificate Services running on Windows Server 2008 R2 with Service Pack 1 and Windows Server 2012. Note: This KnowledgeBase article doesn't apply to Windows Server 2012 R2, although the same issue exists there as in Windows Server 2008 R2 and Windows Server 2012. The situation …

Exchange RBAC might be more granular than you think

Most Exchange admins probably know (or should know) that the permission model since Exchange 2010 is Role Based Access Control, RBAC for short. With it, you can regulate quite granularly what admins and end-users are able to do, without the hassle of Access Control Lists (ACLs). However, it recently became clear that it might be …