A Windows SMBv3 Remote Code Execution Vulnerability affects your Windows Server 2022-based Domain Controllers (CVE-2022-24508)

Today, for its March 2022 Patch Tuesday, Microsoft released an important security update for domain controllers running Windows Server. This vulnerability is known as CVE-2022-24508 and rated with CVSSv3.1 scores of 8.8/7.7. A remote code execution exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who … Continue reading "A Windows SMBv3 Remote Code Execution Vulnerability affects your Windows Server 2022-based Domain Controllers (CVE-2022-24508)"

Windows Server 2022 suffers a Windows DNS Server Remote Code Execution Vulnerability (CVE-2022-21984)

Today, for its February 2022 Patch Tuesday, Microsoft released an important security update for DNS Servers running Windows Server. This vulnerability is known as CVE-2022-21984 and rated with CVSSv3.1 scores of 8.8/7.7. A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers. An attacker who successfully exploited the vulnerability could run arbitrary … Continue reading "Windows Server 2022 suffers a Windows DNS Server Remote Code Execution Vulnerability (CVE-2022-21984)"

Microsoft has released out-of-band updates to address Domain Controller boot loops

Last week, we mentioned that the January 11th, 2022 updates caused some Domain Controllers to restart unexpectedly. Our advice, then, was to uninstall the updates when encountering this problem. However, uninstalling these updates also rolled back other fixes that address critical vulnerabilities in Windows Server. It results in a situation where you don’t want to … Continue reading "Microsoft has released out-of-band updates to address Domain Controller boot loops"

Some Domain Controllers may restart unexpectedly after applying the January 11, 2022 Updates

When installing updates, there is always the risk of rogue updates; updates that break functionality, unannounced, unexpected and unsettling. Microsoft is currently researching such a possible side-effect with the January 11, 2022 updates on Active Directory Domain Controllers. About the issue Domain Controllers may reboot unexpectedly and keep rebooting. Event ID 1000 is triggered right … Continue reading "Some Domain Controllers may restart unexpectedly after applying the January 11, 2022 Updates"

Wormable Critical HTTP Protocol Stack Remote Code Execution Vulnerability affects Windows Server 2019- and 2022-based AD FS Servers (CVE-2022-21907)

During its Patch Tuesday on January 11th, 2022, Microsoft addressed a Remote Code Execution (RCE) security vulnerabilities that affects Windows Server 2019- and Windows Server 2022-based Active Directory Federation Services (AD FS) servers. About the vulnerability CVE-2022-21907 details a remote code execution vulnerability that can be used to attack AD FS servers over the internet. … Continue reading "Wormable Critical HTTP Protocol Stack Remote Code Execution Vulnerability affects Windows Server 2019- and 2022-based AD FS Servers (CVE-2022-21907)"

Three Active Directory vulnerabilities were addressed during Microsoft’s January 2022 Patch Tuesday

During its Patch Tuesday on January 11th, 2022, Microsoft addressed three Elevation of Privilege (EoP) security vulnerabilities in Active Directory components and protocols that can be attacked over the network. About the vulnerabilities Three vulnerabilities were addressed: CVE-2022-21857 AD DS Elevation of Privilege Vulnerability CVE-2022-21857 is a vulnerability that could allow an attacker to elevate … Continue reading "Three Active Directory vulnerabilities were addressed during Microsoft’s January 2022 Patch Tuesday"

A Critical Remote Code Execution vulnerability in Veeam Backup for Azure was automatically addressed

Last week, Veeam identified a critical vulnerability in a component of its Backup for Microsoft Azure solution, that allows attackers to bypass authentication mechanisms and execute arbitrary code.   About Veeam Backup for Microsoft Azure Veeam Backup for Microsoft Azure is a solution offered by Veeam to backup and restore Azure IaaS-based virtual machines and … Continue reading "A Critical Remote Code Execution vulnerability in Veeam Backup for Azure was automatically addressed"

Azure AD Connect v2.0.88.0 addresses a security issue in Microsoft.Data.OData and offers new functionality

Roughly three months after the release of the last Azure AD Connect version, Microsoft released a security update to Azure AD Connect v2.x. to address a Denial of Service (DoS) vulnerability. Microsoft recommends updating Azure AD Connect to v2.0.88.0 as soon as possible, Note: None of the Azure AD Connect v2.x releases are released for … Continue reading "Azure AD Connect v2.0.88.0 addresses a security issue in Microsoft.Data.OData and offers new functionality"

You may encounter authentication issues after installing the November 2021 Cumulative updates

While installing updates is one of the basic information security measures, many organizations hold off on installing updates for Windows Server within 48 hours. This month, we saw another reason why it’s a smart idea to test updates in pre-production environments before deploying them to production domain controllers. After installing the November 2021 cumulative and/or … Continue reading "You may encounter authentication issues after installing the November 2021 Cumulative updates"

Four Active Directory Elevation of Privilege vulnerabilities were addressed in the November 2021 Updates

When looking at the November 9th, 2021 updates today, I noticed four updates that specifically address vulnerabilities in Active Directory Domain Services. These vulnerabilities affect domain controllers at the heart of many networking infrastructure environments.   About the vulnerabilities Four vulnerabilities were addressed: CVE-2021-42278 Active Directory Domain Services Elevation of Privilege Vulnerability CVE-2021-42278 is a … Continue reading "Four Active Directory Elevation of Privilege vulnerabilities were addressed in the November 2021 Updates"