On-premises Identity-related updates and fixes for November 2022

Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for November 2022:   Windows Server 2016 We observed the following updates … Continue reading "On-premises Identity-related updates and fixes for November 2022"

Domain Controllers running the latest updates may encounter LSASS memory leaks and unexpected restarts, unless…

After installing the most recent Updates on their Domain Controllers, some readers have reported in the comments that they experienced that the Local Security Authority Subsystem Service (LSASS) process on their Domain Controllers continually increases memory usage making their Domain Controllers become unresponsive and even automatically restart…   The cause Many Active Directory admins experienced issues … Continue reading "Domain Controllers running the latest updates may encounter LSASS memory leaks and unexpected restarts, unless…"

HOWTO: Install the most recent Updates on your Domain Controllers

To address a known issue that affects Windows Servers that have the Domain Controller role, Microsoft has released an out-of-band update. After installing the November 2022 cumulative updates on Domain Controllers, you might experience Kerberos authentication issues due to the way Microsoft addressed CVE-2022-37966.   Microsoft Windows 2022 Regardless of having installed the November 8, 2022 update for … Continue reading "HOWTO: Install the most recent Updates on your Domain Controllers"

A Critical Vulnerability in Veeam Backup for Google Cloud was automatically addressed (CVE-2022-43549)

Last week, Veeam identified a critical vulnerability in a component of its Backup for Google Cloud solution, that allows attackers to bypass authentication mechanisms and execute arbitrary code. About Veeam Backup for Google Veeam Backup for Google Cloud is a solution offered by Veeam to backup and restore Google Computer Engine instances, their persistent disks, … Continue reading "A Critical Vulnerability in Veeam Backup for Google Cloud was automatically addressed (CVE-2022-43549)"

Spend some Time on Properly Configuring and Monitoring your Domain Controllers this Patch Tuesday

This Patch Tuesday, Microsoft addressed 68 vulnerabilities. Of these vulnerabilities, three vulnerabilities are specific to Windows Server installations running as Domain Controllers. These updates are not of the ‘update and forget’ type of updates, but require some more work. So, spend some time on properly configuring your Domain Controllers, this Patch Tuesday. The three vulnerabilities … Continue reading "Spend some Time on Properly Configuring and Monitoring your Domain Controllers this Patch Tuesday"

On-premises Identity-related updates and fixes for September 2022

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. This is the list of Identity-related updates and fixes we saw for September 2022: Windows Server 2016 We observed the following update for Windows Server 2016: … Continue reading "On-premises Identity-related updates and fixes for September 2022"

On-premises Identity-related updates and fixes for August 2022

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. This is the list of Identity-related updates and fixes we saw for August 2022: Windows Server 2016 We observed the following update for Windows Server 2016: … Continue reading "On-premises Identity-related updates and fixes for August 2022"

An Elevation of Privilege vulnerability in Active Directory affects Certification Authorities (Critical, CVE-2022-34691)

This week, on its Patch Tuesday for August 2022, Microsoft released a patch that addresses a critical vulnerability (CVE-2022-34691) in Active Directory Domain Services (AD DS).   About the vulnerability An Elevation of Privilege (EoP) vulnerability exists in Active Directory Domain Services (AD DS). The vulnerability can be exploited over the network with low complexity … Continue reading "An Elevation of Privilege vulnerability in Active Directory affects Certification Authorities (Critical, CVE-2022-34691)"

On-premises Identity-related updates and fixes for July 2022

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. This is the list of Identity-related updates and fixes we saw for July 2022: Windows Server 2016 We observed the following update for Windows Server 2016: … Continue reading "On-premises Identity-related updates and fixes for July 2022"

A Critical Vulnerability in Netwrix' Auditor may lead to Active Directory and Azure AD compromise

On June 6th, 2022, Netwrix released Auditor v10.5. In this version, a remote code execution vulnerability is addressed. Since Auditor is typically executed with extensive privileges in an Active Directory environment, an attacker would be able to compromise the Active Directory forest and/or Azure AD tenant.   About Netwrix Netwrix empowers information security and governance professionals … Continue reading "A Critical Vulnerability in Netwrix' Auditor may lead to Active Directory and Azure AD compromise"