Category Archives: Active Directory
VMware addresses ‘ESX Admins’ authentication bypass vulnerability (CVE-2024-37085) in ESXi 8.0 Update 3
Today, Broadcom issued a second update to VMSA-2024-003 for VMware ESXi, specifically to address the vulnerability CVE-2024-37085. This vulnerability, with a CVSSv3 base score of 6.8 out of 10 (Moderate), allowed an adversary with sufficient Active Directory permissions to gain full access to ESXi hosts. About the vulnerability For an adversary to abuse this […]
On-premises Identity-related updates and fixes for July 2024
Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for July 2024: Windows Server 2016 We observed the following update […]
Sympathy for the devil, empathy for the Identity professional
Working with Microsoft-focused identity admins, I noticed a couple of common themes with these fellow identity people that make them feel like they can't make any right decisions anymore, they got stuck somehow and feel miserable all the time… In their minds, a perfect storm is raging. Identity professionals in this state are experienced as […]
On-premises Identity-related updates and fixes for June 2024
Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for June 2024: Windows Server 2016 We observed the following update […]
On-premises Identity-related updates and fixes for May 2024
Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for May 2024: Windows Server 2016 We observed the following update […]
A Denial of Service vulnerability threatens the availability of virtual Domain Controllers on VMware ESXi (VMSA-2024-0011, Important, CVE-2024-22273)
This week, Broadcom VMware released an update that addresses a vulnerability in ESXi. This vulnerability could be abused to negatively impact the availability of virtual Domain Controllers running on ESXi hosts. Note: The vulnerability exists in VMware Cloud Foundation, too. The vulnerability was responsibly disclosed to Broadcom VMware. About the DoS vulnerability The vulnerability […]
On-premises Identity-related updates and fixes for April 2024
Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for April 2024: Windows Server 2016 We observed the following update […]
The video of my session on Backing up and Restoring Virtual Domain Controllers for the Dutch Veeam User Group Meetup is now available
On Tuesday March 19th, I presented a 20-minute session on backing up and restoring virtual Domain Controllers as part of the Veeam User Group Netherlands Meetup. My goal was to offer four tips and tricks to get in to a zen state as an Active Directory admin when worrying about backing up and restoring virtual […]
On-premises Identity-related updates and fixes for March 2024
Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for March 2024: Windows Server 2016 We observed the following update […]
DTAPR – Is it worthwhile to add a Ransomware Recovery environment?
Serious IT environments don't just have a test environment. They also have development, acceptance and/or production environments. 🤡 For applications, having a development, test, acceptance (on-premises) and/or staging (typically cloud) implementation or instance seems common. For infrastructure, however, it is not. The availability, confidentiality and integrity of many Active Directory environments needlessly suffer because of […]
Login