Category Archives: Microsoft Windows Server 2016
On-premises Identity-related updates and fixes for February 2021
Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the Identity-related updates and fixes we saw for February 2021: Windows Server 2016 We observed the following update for Windows Server 2016: KB4601318 February 9, 2021 The […]
On-premises Identity-related updates and fixes for January 2021
Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the Identity-related updates and fixes we saw for January 2021: Windows Server 2016 We observed the following update for Windows Server 2016: KB4598243 January 12, 2021 […]
Windows Lock Screen Security Feature Bypass Vulnerability (Important, CVE-2020-17099, CVSSv3 6.8/5.9)
Yesterday, for its December 2020 Patch Tuesday, Microsoft released an important security update addressing a Windows Lock Screen Security Feature Bypass Vulnerability . About the vulnerability An authenticated user has signed into a device and locks his or her active session. An attacker with physical access could then perform actions that would allow them […]
On-premises Identity-related updates and fixes for November 2020
Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the Identity-related updates and fixes we saw for November 2020: Windows Server 2016 We observed the following updates for Windows Server 2016: KB4586830 November 10, 2020 The […]
On-premises Identity-related updates and fixes for October 2020
Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the Identity-related updates and fixes we saw for October 2020: Windows Server 2016 We observed the following updates for Windows Server 2016: KB4580346 October 13, 2020 […]
On-premises Identity-related updates and fixes for September 2020
Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. Note: Although much attention was given this month to Secura’s ZeroLogon attack and the advice to update Windows Servers acting as Domain Controller immediately,, the underlying vulnerability was actually […]
An important update addresses a Spoofing Vulnerability in AD FS
Yesterday, for its September 2020 Patch Tuesday, Microsoft released an important security update for Active Directory Federation Services (AD FS). About the vulnerability A spoofing vulnerability exists when Active Directory Federation Services (AD FS) on Windows Server 2016 and Windows Server 2019 improperly handles multi-factor authentication requests. This vulnerability is described in detail in CVE-2020-0837. […]
On-premises Identity updates & fixes for August 2020
Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for August 2020: Windows Server 2016 We observed the following updates for Windows Server 2016: KB4571694 August 11, 2020 The […]
On-premises Identity updates & fixes for July 2020
Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for July 2020: Windows Server 2016 We observed the following updates for Windows Server 2016: KB4565511 July 14, 2020 The July […]
HOWTO: Enable Extended Protection for Authentication on the SQL Servers hosting the AD FS and Azure AD Connect databases
Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. In the pervious post of this series, we discussed encrypting traffic between AD FS Servers, servers running Azure […]
Login