Category Archives: Group Policy
I know from my own experience – the importance of Active Directory and its security can never be overestimated. So, I’ve teamed up with Netwrix to bring you an easy yet extensive update for your knowledge of Active Directory management and security principles. Therefore, this September, I’m hosting three consecutive webinars on Active Directory Domain […]
Security Thoughts: Vulnerability in Group Policy could allow elevation of privilege(MS61-072, KB3163622, CVE-2016-3223)
Yesterday, Microsoft released update 3163622 as part of its June 2016 Patch Tuesday to address an important vulnerability that affects Group Policy on Windows 10. About the vulnerability The vulnerability could allow elevation of privilege if an attacker launches a man-in-the-middle (MiTM) attack against the traffic passing between a domain controller and the target […]
As you might recall, Microsoft offered a solution to systems administrators to set the local administrator password on domain-joined devices using Group Policy Preferences, but ended the solution, almost a year ago, when the encoding mechanism was decoded and an attack was created towards this vulnerability (CVE-2014-1812). Introducing LAPS Yesterday, Microsoft introduced version 6 […]
Vulnerabilities in Group Policy could allow security policy bypassing (MS15-011, MS15-014, CVE-2015-0008, CVE-2015-0009)
For its February 2015 Patch Tuesday on Tuesday February 10, Microsoft has released two security bulletin to address issues in Group Policy that would allow an attacker using a Man-in-the-middle (MitM) approach to bypass security policies, by forging packets sent by Domain Controllers. The situation In many organizations, Group Policies are used to centrally […]
Last week, Microsoft released Security Bulletin MS04-025, including guidance and an update that resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if Active Directory Group Policy preferences are used to distribute passwords across the domain – a practice that could allow an attacker to retrieve and decrypt the […]
Last year, I posted Three useful ways to get started with Group Policy in Windows 8 and Windows Server 2012. With the release of Windows 8.1 and Windows Server 2012 R2 last month, it’s time to look at managing Microsoft’s latest and greatest Operating Systems: Windows 8.1 and Windows Server 2012 R2 offer a lot […]
KnowledgeBase: Group Policy Management Console (GPMC) reports a Processing Error while trying to detect Domain Controllers
Earlier this month, Microsoft released KnowledgeBase article 2891966. In this article, Microsoft engineers describe an issue when you open the Group Policy Management Console (gpmc.msc) and check the status of Active Directory and SYSVOL (DFSR) replication for the domain as it relates to Group Policy.
KnowledgeBase: Group Policy Preferences for Local Users and Groups fails with Event ID 4098 on Windows 8 and Windows Server 2012
Last week, Microsoft released KnowledgeBase article 2890259. It describes an issue in Windows 8 and Windows Server 2012 with Group Policy Preferences for Local Users and Groups. In some circumstances, these Group Policy Preferences would not apply, resulting in events with EventId 4098 in the Windows Event Viewer (eventvwr.exe) on your domain-joined Windows 8-based device(s) […]
KnowledgeBase: Internet Explorer 10 security settings are silently applied to client computers when you use GPMC to view the Group Policy Preferences settings
Last week, Microsoft issued KnowledgeBase Article 2849027, discussing that Internet Explorer security-related preferences are silently applied to targeted computers, without any indication this is happening.
KnowledgeBase: An update is available that improves management of weak certificate cryptographic algorithms in Windows
Last month, Microsoft has released KnowledgeBase article 2862966 An update is available that improves management of weak certificate cryptographic algorithms in Windows as a helping hand to administrators to indicate and/or eradicate the use of weak cryptographic algorithms in their networking environments.