This week, on its Patch Tuesday for July 2022, Microsoft released a patch that addresses a vulnerability (CVE-2022-30215) in Active Directory Federation Services (AD FS). About the vulnerability An Elevation of Privilege (EoP) vulnerability exists in Active Directory Federation Services (AD FS). The vulnerability can be exploited over the network and an attacker who successfully exploited … Continue reading "An AD FS Vulnerability may lead to Elevation of Privilege on recent Windows Server versions"
This week, VMware released an update that finally addresses a vulnerability in vCenter Server. Since November 2021, this vulnerability could be used to compromise vCenter Server installations and the ESXi host they manage. Note: The vulnerability exists in VMware Cloud Foundation, too. About vCenter Server VMware vCenter Server, formerly known as VirtualCenter, is the … Continue reading "VMware finally addresses an important privilege escalation vulnerability in vCenter Server (VMSA-2021-0025)"
Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for June 2022: What’s New Temporary Access Pass is now available General … Continue reading "What's New in Azure Active Directory for June 2022"
Microsoft Defender for Identity helps Active Directory admins defend against advanced persistent threats (APTs) targeting their Active Directory Domain Services infrastructures. It is a cloud-based service, where agents on Domain Controllers provide signals to Microsoft's Machine Learning (ML) algorithms to detect and report on attacks. Its dashboard allows Active Directory admins to investigate (potential) breaches … Continue reading "What's New in Microsoft Defender for Identity in June 2022"
Ever since Microsoft announced the deprecation of Azure AD Connect version 1.x, many organizations have migrated to Azure AD Connect v2.x. However, one of the big features that have been missing from version 2.x is the ability to automatically upgrade to newer versions. Azure AD Connect v220.127.116.11 is the first v2.x that is announced with … Continue reading "Azure AD Connect v.18.104.22.168 is the first v2.x version to offer an Automatic Upgrade (and other features)"
Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. This is the list of Identity-related updates and fixes we saw for June 2022: Windows Server 2016 We observed the following update for Windows Server … Continue reading "On-premises Identity-related updates and fixes for June 2022"
Today, I received a localized e-mail from the Microsoft Most Valuable Professional (MVP) Award team: In Dutch, it reads: Beste Sander Berkouwer, Nogmaals presenteren we u met genoegen de 2022-2023 Microsoft Most Valuable Professional (MVP) Award als erkenning van uw buitengewone leiderschap in technische community’s. We waarderen uw uitmuntende bijdragen in de volgende technische community’s … Continue reading "I’m a 2022-2023 Microsoft MVP"
The world is different from five years ago. After the successful SolarWinds attack in 2020, where attackers gained access to Microsoft’s systems, Microsoft aligned itself with NIST’s approach towards a zero-trust architecture. This changes everything. In contrast to previous security models, in Microsoft’s defense in depth approach Identity and Access is the first layer of … Continue reading "ENow Software provides the ideal basis for your Active Directory Zero Trust Journey"
After installing the June 2022 Cumulative update on a Windows ARM-based device, people might be unable to sign in using Azure Active Directory (Azure AD). Now there is an update available to address this issue, without having to resort to uninstalling the June 2022 Cumulative update or without having to rely on the web-based versions … Continue reading "An Out-of-Band Update addresses Azure AD sign-in problems on Windows ARM-based devices"
This week, new Proof of Concept code was publicly published to coerce a Certificate Authority (CA) to authenticate the domain controller using NTLM. This vulnerability was named DFSCoerce and has been published by Filip Dragovic. It is another vulnerability in the PetitPotam (or PrintNightmare) family of vulnerabilities, and is as difficult to mitigate as former … Continue reading "Another Critical Active Directory Certificate Services NTLM Relay Vulnerability allows for Domain Takeover (DFSCoerce, Critical)"