Security Thoughts: Update for Windows Authentication Methods (KB3178465, MS16-101, CVE-2016-3237, CVE-2016-3300, Important)

Yesterday, during its August Patch Tuesday, Microsoft released security update KB3178465 for Windows Authentication Methods, among other security-related updates. This update addresses two vulnerabilities in Microsofts implementation of its authentication methods in Active Directory scenarios: CVE-2016-3237 and CVE-2016-3300.   About the vulnerabilities Microsoft Kerberos Elevation of Privilege Vulnerability (CVE-2016-3237) A security feature bypass vulnerability exists … Continue reading "Security Thoughts: Update for Windows Authentication Methods (KB3178465, MS16-101, CVE-2016-3237, CVE-2016-3300, Important)"

Security Thoughts: Vulnerability in Group Policy could allow elevation of privilege(MS61-072, KB3163622, CVE-2016-3223)

Yesterday, Microsoft released update 3163622 as part of its June 2016 Patch Tuesday to address an important vulnerability that affects Group Policy on Windows 10.   About the vulnerability The vulnerability could allow elevation of privilege if an attacker launches a man-in-the-middle (MiTM) attack against the traffic passing between a domain controller and the target … Continue reading "Security Thoughts: Vulnerability in Group Policy could allow elevation of privilege(MS61-072, KB3163622, CVE-2016-3223)"

Using the new Active Directory PowerShell Cmdlets on down-level and module-less systems

Last week, we discussed the new Active Directory Domain Services-related PowerShell Cmdlets in Windows Server 2012 R2. In the requirements I mentioned that you needed at least one system with the Windows Server 2012 R2 or Windows 8.1 version of the Active Directory Module for Windows PowerShell feature installed. However, as Aleksandar Nikolic (PowerShell MVP) … Continue reading "Using the new Active Directory PowerShell Cmdlets on down-level and module-less systems"

5 things you should know about Windows 7

All you need to know is… … What you already know. In our society information is the greatest good. Microsoft has decided not to release a lot of information on Windows 7 for a reason. It was one of the mistakes admitted with Windows Vista. Some features (like WinFS) got dropped totally, while other features … Continue reading "5 things you should know about Windows 7"

Building the Flaming Dog Lanfestival environment

One of the fun things I get to do is co-organizing the Flaming Dog Lanfestival, where my main responsibility is to design, build and manage the networking infrastructure. About the Flaming Dog Lanfestival Last year Michiel de Jongh and I organized the Flaming Dog Lanfestival for the first time. This event is sponsored by OGD, … Continue reading "Building the Flaming Dog Lanfestival environment"

Remotely managing your Server Core using WinRM and WinRS

I've already shown you how to remotely manage your Server Core installations of Windows Server Core using the Remote Desktop Protocol, but using Windows Remote Management (WinRM, Microsoft implementation of WS-Management) in combination with WinRS might prove to be even more useful for day to day administration.

The Non-Existence of Virtual PC Express

According to older news Windows Vista Enterprise and Windows Vista Ultimate would both have a feature called Virtual PC Express. In fact both versions of Windows Vista do not ship with this feature. Clearly the cause of this is the new virtualization path Microsoft has chosen nearly nine months ago. Virtual PC Express, which was rumored … Continue reading "The Non-Existence of Virtual PC Express"