Azure AD Connect version 1.1.654.0 addresses a critical security vulnerability

It feels like only a couple of months ago, but it was actually half a year ago that Microsoft released a version of Azure AD Connect that fixed a critical security vulnerability related to password resets. Yesterday, Microsoft released a new version of Azure AD Connect that does the same thing, but in a different feature. …

Security Thoughts: Vulnerability in NTLM Credentials Forwarding with LDAPS could allow Elevation of Privilege (CVE-2017-8563, Important)

Last Tuesday, during Microsoft’s July 2017 Patch Tuesday, Microsoft released a security update for all supported Operating Systems to address an elevation of privilege vulnerability that exists when Kerberos falls back to NT LAN Manager (NTLM) Authentication Protocol as the default authentication protocol. About the vulnerability: In a remote attack scenario, an attacker could …

Azure AD Connect v1.1.553.0 addresses a critical security vulnerability … and offers new functionality, too

Yesterday, Microsoft released a new version of Azure AD Connect, its free tool to synchronize objects from your on-premises Active Directory Domain Services environment to Azure Active Directory. It addresses a critical security vulnerability, but also offers new functionality, like delegate write-back from Exchange Online to Exchange Server on-premises. Vulnerability could allow Elevation of …

Important Update for Active Directory Federation Services (MS17-019, KB4010320, CVE-2017-0043)

Today, for its March 2017 Patch Tuesday, Microsoft released an important security update for Active Directory Federation Services (AD FS). The security update addresses a vulnerability that could allow information disclosure if an attacker sends a specially crafted request to an AD FS server, allowing the attacker to read sensitive information about the target system. …

Critical Flaw in SMB1 could allow remote code execution on Active Directory Domain Controllers (MS17-010, KB4013389)

Today, for its March 2017 Patch Tuesday, Microsoft released a security update for supported versions of Windows Server offering File Sharing services using the Server Message Block (SMB) version 1.0 protocol. The security update addresses the vulnerabilities by correcting how SMBv1 handles specially crafted requests. About the vulnerabilities: The vulnerabilities that are fixed with …

Security Thoughts: Azure Active Directory Passport Library for Node.js is vulnerable to authentication bypass (CVE-2016-7191)

Last night, we received a notification that some older versions of the Azure Active Directory Passport Library for Node.js (Passport-Azure-AD) are vulnerable to authentication bypass, because the ValidateIssuer setting wasn’t recognized, resulting in incorrectly validated tokens. An attacker who successfully exploits this vulnerability could bypass Azure Active Directory authentication to a targeted …

Security Thoughts: Update for Windows Authentication Methods (KB3178465, MS16-101, CVE-2016-3237, CVE-2016-3300, Important)

Yesterday, during its August Patch Tuesday, Microsoft released security update KB3178465 for Windows Authentication Methods, among other security-related updates. This update addresses two vulnerabilities in Microsoft’s implementation of its authentication methods in Active Directory scenarios: CVE-2016-3237 and CVE-2016-3300. About the vulnerabilities: Microsoft Kerberos Elevation of Privilege Vulnerability (CVE-2016-3237): A security feature bypass vulnerability exists …

Security Thoughts: Vulnerability in Active Directory could allow denial of service (MS16-081, KB3160352, CVE-2016-3226)

Yesterday, Microsoft released update 3160352 as part of its June 2016 Patch Tuesday to address an important vulnerability in Active Directory, allowing denial of service. This security update is rated Important for all supported editions of Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2. About the vulnerability: A vulnerability has been …

Security Thoughts: Vulnerability in Netlogon could allow remote code execution (MS16-076, KB3167691, CVE-2016-3228)

Yesterday, Microsoft released update 3167691 as part of its June 2016 Patch Tuesday to address an important vulnerability in Windows Server’s Netlogon functionality, allowing remote code execution on all supported Windows Server versions. About the vulnerability: A vulnerability has been detected that could allow remote code execution if an attacker with access to a Windows …

Security Thoughts: Vulnerability in Group Policy could allow elevation of privilege (MS16-072, KB3163622, CVE-2016-3223)

Yesterday, Microsoft released update 3163622 as part of its June 2016 Patch Tuesday to address an important vulnerability that affects Group Policy on Windows 10. About the vulnerability: The vulnerability could allow elevation of privilege if an attacker launches a man-in-the-middle (MiTM) attack against the traffic passing between a domain controller and the target …