An Elevation of Privilege vulnerability in Active Directory affects Certification Authorities (Critical, CVE-2022-34691)

This week, on its Patch Tuesday for August 2022, Microsoft released a patch that addresses a critical vulnerability (CVE-2022-34691) in Active Directory Domain Services (AD DS).   About the vulnerability An Elevation of Privilege (EoP) vulnerability exists in Active Directory Domain Services (AD DS). The vulnerability can be exploited over the network with low complexity … Continue reading "An Elevation of Privilege vulnerability in Active Directory affects Certification Authorities (Critical, CVE-2022-34691)"

On-premises Identity-related updates and fixes for July 2022

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. This is the list of Identity-related updates and fixes we saw for July 2022: Windows Server 2016 We observed the following update for Windows Server 2016: … Continue reading "On-premises Identity-related updates and fixes for July 2022"

A Critical Vulnerability in Netwrix' Auditor may lead to Active Directory and Azure AD compromise

On June 6th, 2022, Netwrix released Auditor v10.5. In this version, a remote code execution vulnerability is addressed. Since Auditor is typically executed with extensive privileges in an Active Directory environment, an attacker would be able to compromise the Active Directory forest and/or Azure AD tenant.   About Netwrix Netwrix empowers information security and governance professionals … Continue reading "A Critical Vulnerability in Netwrix' Auditor may lead to Active Directory and Azure AD compromise"

An AD FS Vulnerability may lead to Elevation of Privilege on recent Windows Server versions

This week, on its Patch Tuesday for July 2022, Microsoft released a patch that addresses a vulnerability (CVE-2022-30215) in Active Directory Federation Services (AD FS).   About the vulnerability An Elevation of Privilege (EoP) vulnerability exists in Active Directory Federation Services (AD FS). The vulnerability can be exploited over the network and an attacker who successfully exploited … Continue reading "An AD FS Vulnerability may lead to Elevation of Privilege on recent Windows Server versions"

On-premises Identity-related updates and fixes for June 2022

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. This is the list of Identity-related updates and fixes we saw for June 2022:   Windows Server 2016 We observed the following update for Windows Server … Continue reading "On-premises Identity-related updates and fixes for June 2022"

An Out-of-Band Update addresses Azure AD sign-in problems on Windows ARM-based devices

After installing the June 2022 Cumulative update on a Windows ARM-based device, people might be unable to sign in using Azure Active Directory (Azure AD). Now there is an update available to address this issue, without having to resort to uninstalling the June 2022 Cumulative update or without having to rely on the web-based versions … Continue reading "An Out-of-Band Update addresses Azure AD sign-in problems on Windows ARM-based devices"

On-premises Identity-related updates and fixes for May 2022

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. This is the list of Identity-related updates and fixes we saw for May 2022:   Windows Server 2016 We observed the following update for Windows Server … Continue reading "On-premises Identity-related updates and fixes for May 2022"

An Out of Band Update resolves the Authentication issues introduced by the May 10 2022 Windows Updates

Ever since the news broke that the May 2022 Windows Updates cause Active Directory Authentication Failures in environments where certificate-based authentication is in use, many organizations have held off on installing these updates on their domain controllers. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) even went as far as advising against installing the updates … Continue reading "An Out of Band Update resolves the Authentication issues introduced by the May 10 2022 Windows Updates"

The May 2022 Windows Updates may cause Active Directory Authentication Failures

The May 2022 updates for all supported versions of Windows Server may cause Active Directory authentication failures. Microsoft is investigating the issue. A workaround is available for organizations experiencing issues. The situation The Windows updates of May 10th, 2022, address several vulnerabilities on Domain Controllers, including several of the ten LDAP Remote Code Execution vulnerabilities … Continue reading "The May 2022 Windows Updates may cause Active Directory Authentication Failures"

The May 2022 Patch Tuesday addresses an LSA Spoofing vulnerability (Important, CVE-2022-26925, CVSSv3 8.1-9.8)

When looking at the May 2022 Patch Tuesday today, I noticed an update that specifically addresses an LSA Spoofing vulnerability. This vulnerability is specific to Domain Controllers (in the default configuration), so this sparked my interest in the update. About the vulnerability A spoofing vulnerability exists in the Windows Local Security Authority (LSA). This vulnerability … Continue reading "The May 2022 Patch Tuesday addresses an LSA Spoofing vulnerability (Important, CVE-2022-26925, CVSSv3 8.1-9.8)"