Security Thoughts: Vulnerability in SChannel allows security bypassing (Important, FREAK, MS15-031, CVE-2015-1637)

In recent days, a new attack vector, called the FREAK technique, that facilitates SSL/TLS Man-in-the-Middle (MitM) attacks was in the news. Microsoft has confirmed that its implementations of SChannel in Windows and Windows Server are also vulnerable to this attack method and has released updates for all its supported Operating Systems. About FREAK On …

Vulnerabilities in Group Policy could allow security policy bypassing (MS15-011, MS15-014, CVE-2015-0008, CVE-2015-0009)

For its February 2015 Patch Tuesday on Tuesday February 10, Microsoft released two security bulletins to address issues in Group Policy that would allow an attacker using a Man-in-the-middle (MitM) approach to bypass security policies by forging packets sent by Domain Controllers. The situation In many organizations, Group Policies are used to centrally …

Update your Federation Servers with MS14-077 to patch CVE-2014-6331 (Important)

During the November 2014 Patch Tuesday, Microsoft released Security Bulletin MS14-077, which describes how a vulnerability in Active Directory Federation Services (AD FS) could allow unintentional information disclosure and how you can fix this by installing the security update that is part of KB3003381 on your Active Directory Federation Servers, including proxies. About MS14-077 …

Security Thoughts: Passwords in Group Policy Preferences (CVE-2014-1812)

Last week, Microsoft released Security Bulletin MS04-025, including guidance and an update that resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if Active Directory Group Policy preferences are used to distribute passwords across the domain – a practice that could allow an attacker to retrieve and decrypt the …

Security Thoughts: The Inconvenient Truth about CVE-2014-1776 (aka “The Windows XP Mega Vulnerability”)

Looking at the news these last couple of days, you’d think the XPocalypse has begun. A vulnerability has been discovered in Internet Explorer 6 through 11 and code has been made publicly available to attack it. Since, according to several websites, this is a critical vulnerability that was discovered after Microsoft officially ended support for …

Updating Windows XP with all its updates

You may have read my blogpost on the actions admins need to take to continue working with Windows XP in their networking environments. It’s a long list. While many blogs and websites have shared similar information, one action is on everybody’s list: Update Windows XP with the latest updates. So, how easy is it to …

MS13-032 Vulnerability in Active Directory Could Allow Remote Code Execution (Important)

It’s not often that Active Directory Domain Controllers get security updates. The Active Directory Domain Services Server Role is among the most robustly written code, as I pointed out in an earlier blogpost on Statistics on Active Directory-related Security Bulletins. Since 2001, Microsoft has issued 18 Security Bulletins with patches to address issues in …