The May 2022 Patch Tuesday addresses an LSA Spoofing vulnerability (Important, CVE-2022-26925, CVSSv3 8.1-9.8)

When looking at the May 2022 Patch Tuesday today, I noticed an update that specifically addresses an LSA Spoofing vulnerability. This vulnerability is specific to Domain Controllers (in the default configuration), so this sparked my interest in the update. About the vulnerability A spoofing vulnerability exists in the Windows Local Security Authority (LSA). This vulnerability … Continue reading "The May 2022 Patch Tuesday addresses an LSA Spoofing vulnerability (Important, CVE-2022-26925, CVSSv3 8.1-9.8)"

The May 2022 Patch Tuesday addresses 10 LDAP Remote Code Execution vulnerabilities (Critical, CVSSv3 9.8)

When looking at the May 2022 Patch Tuesday today, I noticed ten updates that specifically address Remote Code Execution (RCE) vulnerabilities in Windows LDAP. These vulnerabilities are specific to Domain Controllers (in the default configuration), so this sparked my interest in these updates. Ten Windows LDAP RCE vulnerabilities Ten Windows LDAP remote code execution vulnerabilities … Continue reading "The May 2022 Patch Tuesday addresses 10 LDAP Remote Code Execution vulnerabilities (Critical, CVSSv3 9.8)"

On-premises Identity-related updates and fixes for April 2022

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. This is the list of Identity-related updates and fixes we saw for April 2022: Windows Server 2016 We observed the following update for Windows Server 2016: … Continue reading "On-premises Identity-related updates and fixes for April 2022"

What's New in Azure Active Directory for April 2022

Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for April 2022: What’s New Microsoft Defender for Endpoint Signal in Identity … Continue reading "What's New in Azure Active Directory for April 2022"

Exam MS-220 Exchange Online Troubleshooting list of sources

This month the beta exam MS-220: Troubleshooting Microsoft Exchange Online became available. This exam will provide the Microsoft 365 Certified: Exchange Online Support Engineer Specialty. Microsoft Learning announced this new certification in March. Because it's a beta exam there is not a lot of training material or courses (yet) you can use to prepare. I've … Continue reading "Exam MS-220 Exchange Online Troubleshooting list of sources"

You’re invited to the IT-University Masterclass – Securing Active Directory using cloud services… Say What!?

On May 9th, 2022, I will be presenting a masterclass, together with Raymond Comvalius for IT-University.nl. Dutch Raymond and I will be presenting on establishing device trust in the modern age. Over 95% of organizations over 50 people use Active Directory today. Active Directory is the main target for attackers. This leads to data leaks … Continue reading "You’re invited to the IT-University Masterclass – Securing Active Directory using cloud services… Say What!?"

The April 2022 Patch Tuesday addresses 18 vulnerabilities for Domain Controllers running as DNS Servers

When looking at the April 2022 Patch Tuesday today, I noticed eighteen updates that specifically address vulnerabilities in DNS Server. These vulnerabilities are specific to Domain Controllers running DNS Server (in the default configuration), so this sparked my interest in these updates.   Eighteen DNS Server vulnerabilities Seventeen Remote Code Execution vulnerabilities Seventeen DNS Server … Continue reading "The April 2022 Patch Tuesday addresses 18 vulnerabilities for Domain Controllers running as DNS Servers"

What's New in Azure Active Directory for March 2022

Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for March 2022: What’s Planned Tenant enablement of combined security information registration … Continue reading "What's New in Azure Active Directory for March 2022"

What's New in Microsoft Defender for Identity in March 2022

Microsoft Defender for Identity helps Active Directory admins defend against advanced persistent threats (APTs) targeting their Active Directory Domain Services infrastructures. It is a cloud-based service, where agents on Domain Controllers provide signals to Microsoft's Machine Learning (ML) algorithms to detect and report on attacks. Its dashboard allows Active Directory admins to investigate (potential) breaches … Continue reading "What's New in Microsoft Defender for Identity in March 2022"

On-premises Identity-related updates and fixes for March 2022

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. This is the list of Identity-related updates and fixes we saw for March 2022: Windows Server 2016 We observed the following update for Windows Server 2016: … Continue reading "On-premises Identity-related updates and fixes for March 2022"