Yesterday, during its August Patch Tuesday, Microsoft released security update KB3178465 for Windows Authentication Methods, among other security-related updates. This update addresses two vulnerabilities in Microsofts implementation of its authentication methods in Active Directory scenarios: CVE-2016-3237 and CVE-2016-3300. About the vulnerabilities Microsoft Kerberos Elevation of Privilege Vulnerability (CVE-2016-3237) A security feature bypass vulnerability exists … Continue reading "Security Thoughts: Update for Windows Authentication Methods (KB3178465, MS16-101, CVE-2016-3237, CVE-2016-3300, Important)"
Yesterday, Microsoft released update 3163622 as part of its June 2016 Patch Tuesday to address an important vulnerability that affects Group Policy on Windows 10. About the vulnerability The vulnerability could allow elevation of privilege if an attacker launches a man-in-the-middle (MiTM) attack against the traffic passing between a domain controller and the target … Continue reading "Security Thoughts: Vulnerability in Group Policy could allow elevation of privilege(MS61-072, KB3163622, CVE-2016-3223)"
Windows 10 brings a huge change when it comes to joining the trusted environment. How does the virtualization of the join change the security paradigm that we got so used to over the past decade. What happens to single sign-on and management of the workplace? Where are the new boundaries of the virtualized territory? How … Continue reading "Video: Join the Virtualized!"
I’ve written about Pass-the-Hash (PtH) attacks before. Today, I’m writing on the cleanup mechanisms to remove lingering password(hashe)s from Windows, that Microsoft has introduced with Windows 8.1 and Windows Server 2012 R2. These mechanisms help protect against Pass-the-Hash (PtH) attacks.
Looking at the news these last couple of days, you’d think the XPocalypse has begun. A vulnerability has been discovered in Internet Explorer 6 through 11 and code has been made publicly available to attack it. Since, according to several websites, this is a critical vulnerability that was discovered after Microsoft officially ended support for … Continue reading "Security Thoughts: The Inconvenient Truth about CVE-2014-1776 (aka “The Windows XP Mega Vulnerability”)"
In extensively managed networking environments, devices are generally domain-joined and employees gain mobility across these devices through folder redirection, offline files and roaming profiles. VPN access is mostly available, but when looking closely you might distinguish the occasional DirectAccess implementation. In these environments, mobility over several devices, for instance a desktop and a laptop, often, … Continue reading "Is your organization ready for Windows 8.1? Part 15, Roaming Profile incompatibilities"
Being involved with Microsoft Netherlands the way I am, has its advantages. Like yesterday, when I appeared in ITBende.nl Podcast 249 to talk about the Microsoft rumors of this last week, and, of course, to talk a little about the upcoming Dutch TechDays event. I have been a guest on this podcast two times earlier … Continue reading "I appeared in ITBende Podcast 249 last Friday"
Last night, during SuperBowl XLVIII, a version of Windows 8.1 Update 1 was, inadvertently, released to the web. While this release focuses on the integration between Windows Phone and Windows for the desktop, laptop and tablet, it also features a slew of User Interface (UI) improvements for those still on the fence on The New … Continue reading "A first look at Windows 8.1 Update 1 (build 9600.16596)"