Skip to Content

Category Archives: Microsoft Windows 8.1

Microsoft Windows 8.1

Security Thoughts: Update for Windows Authentication Methods (KB3178465, MS16-101, CVE-2016-3237, CVE-2016-3300, Important)

Written on August 10, 2016 at 8:54 PM, by

Yesterday, during its August Patch Tuesday, Microsoft released security update KB3178465 for Windows Authentication Methods, among other security-related updates. This update addresses two vulnerabilities in Microsofts implementation of its authentication methods in Active Directory scenarios: CVE-2016-3237 and CVE-2016-3300.   About the vulnerabilities Microsoft Kerberos Elevation of Privilege Vulnerability (CVE-2016-3237) A security feature bypass vulnerability exists […]

Security Thoughts: Vulnerability in Group Policy could allow elevation of privilege(MS61-072, KB3163622, CVE-2016-3223)

Written on June 15, 2016 at 8:38 AM, by

Yesterday, Microsoft released update 3163622 as part of its June 2016 Patch Tuesday to address an important vulnerability that affects Group Policy on Windows 10.   About the vulnerability The vulnerability could allow elevation of privilege if an attacker launches a man-in-the-middle (MiTM) attack against the traffic passing between a domain controller and the target […]

Video: Join the Virtualized!

Written on February 25, 2015 at 7:09 AM, by

Windows 10 brings a huge change when it comes to joining the trusted environment. How does the virtualization of the join change the security paradigm that we got so used to over the past decade. What happens to single sign-on and management of the workplace? Where are the new boundaries of the virtualized territory? How […]

Security Thoughts: LSASS Protection in Windows 8.1 and Windows Server 2012 R2

Written on June 24, 2014 at 7:44 AM, by

I’ve written about Pass-the-Hash (PtH) attacks before. Today, I’m writing on the cleanup mechanisms to remove lingering password(hashe)s from Windows, that Microsoft has introduced with Windows 8.1 and Windows Server 2012 R2. These mechanisms help protect against Pass-the-Hash (PtH) attacks.

Security Thoughts: The Inconvenient Truth about CVE-2014-1776 (aka “The Windows XP Mega Vulnerability”)

Written on April 29, 2014 at 9:14 PM, by

Looking at the news these last couple of days, you’d think the XPocalypse has begun. A vulnerability has been discovered in Internet Explorer 6 through 11 and code has been made publicly available to attack it. Since, according to several websites, this is a critical vulnerability that was discovered after Microsoft officially ended support for […]

Is your organization ready for Windows 8.1? Part 15, Roaming Profile incompatibilities

Written on April 23, 2014 at 2:36 PM, by

In extensively managed networking environments, devices are generally domain-joined and employees gain mobility across these devices through folder redirection, offline files and roaming profiles. VPN access is mostly available, but when looking closely you might distinguish the occasional DirectAccess implementation. In these environments, mobility over several devices, for instance a desktop and a laptop, often, […]

I appeared in ITBende Podcast 249 last Friday

Written on March 10, 2014 at 6:39 AM, by

Being involved with Microsoft Netherlands the way I am, has its advantages. Like yesterday, when I appeared in ITBende.nl Podcast 249 to talk about the Microsoft rumors of this last week, and, of course, to talk a little about the upcoming Dutch TechDays event. I have been a guest on this podcast two times earlier […]

A first look at Windows 8.1 Update 1 (build 9600.16596)

Written on February 3, 2014 at 11:10 AM, by

Last night, during SuperBowl XLVIII, a version of Windows 8.1 Update 1 was, inadvertently, released to the web. While this release focuses on the integration between Windows Phone and Windows for the desktop, laptop and tablet, it also features a slew of User Interface (UI) improvements for those still on the fence on The New […]