Security

Security related items and thoughts

1

Remote Desktop Connection Manager Download (RDCMan) 2.81

Posted on by Rhoderick Milne [MSFT]

Finally we have good news for all fans of the Remote Desktop Connection Manager (RDCMan) tool!    It has risen from the ashes, and is now part of Sysinternals.

Over the years RDCMan built up a strong user base as it was a simple but powerful utility to manage connections to multiple machines.  Sure, if you have three or four servers to manage you can get by with saved .rdp files or use the Universa… Read the rest “Remote Desktop Connection Manager Download (RDCMan) 2.81”

0

New And Advanced Azure AD Connect Topics

Posted on by Rhoderick Milne [MSFT]
Azure AD Connect Password Hash Sync

There have been some recent feature additions to Azure AD Connect.  If we look at the Azure AD Connection Version History  after a brief hiatus, there are newer versions as of March 2021.  At the time of witing, the latest version is 1.6.4.0 and was released on the 31st May 2021.

There are multiple new features and changes in this build.

  • Updated ADSyncTools PowerShell module
  • Defaults to V2 synchronisati
Read the rest “New And Advanced Azure AD Connect Topics”
0

Microsoft Defender for Identity–Replaced Domain Controller

Posted on by Rhoderick Milne [MSFT]

The below environment was migrated from one hosting provider to another.  Unfortunately one DC did not survive, and it was removed from the domain.  This was done by using dsa.msc as it can now clean up the AD metadata rather than using NTDSUtil.  That was a welcome change in Windows Server 2008.

A replacement server with the same name was built, joined to the domain and then promoted to be a DC.  T… Read the rest “Microsoft Defender for Identity–Replaced Domain Controller”

1

April 2021 Exchange Security Updates

Posted on by Rhoderick Milne [MSFT]

Today is patch Tuesday for April 2021 and there are critical Exchange server security updates in the release.  You can review all of the affected products on the MSRC blog or on the Security Update Guide (SUG).

Updates have been released for supported versions of Exchange 2013, 2016 and 2019.  Details can be found in KB 5001779.

Update 5-5-2021.  Two articles with known issues relating to this securitRead the rest “April 2021 Exchange Security Updates”

0

Exchange & TCP/IP Port Range

Posted on by Rhoderick Milne [MSFT]

The below is an interesting result after installing Exchange.  The act of installing Exchange will change how TCP/IP operates on the server with respect to ephemeral connections.

This may manifest itself in a few ways.

For example:

  • Security or Network are "surprised" with different network behaviour on an Exchange server when reviewing captures
  • Network team sets a very restrictive firewall ACL which is
Read the rest “Exchange & TCP/IP Port Range”
0

Installing Microsoft Defender For Identity – February 2021

Posted on by Rhoderick Milne [MSFT]
Installing Microsoft Defender for Identity

Microsoft Defender for Identity (MDI) is a critical component in the Defender security stack, designed to protect on-premises Active Directory (AD) environments from advanced attacks such as credential theft, lateral movement, and domain dominance. Before it carried the Defender name, this product had a long and interesting evolution.  One that mirrors Microsoft’s broader journey into identity sec… Read the rest “Installing Microsoft Defender For Identity – February 2021”

0

Install March 2021 Security Update–Exchange 2013 Net Framework 4.7.2

Posted on by Rhoderick Milne [MSFT]

You will have seen the multiple posts and communications around the Hafnium Exchange security issue.  One of the most disconcerting issues has been the number of Exchange installs that have not been patched in several years.  Once the storm has abated, I'll put down some thoughts and talk through some of the most problematic issues, but for now let's focus on the task in hand.  Security updates ar… Read the rest “Install March 2021 Security Update–Exchange 2013 Net Framework 4.7.2”

11

Collected Links For Hafnium – March 2021 Exchange Security Issue

Posted on by Rhoderick Milne [MSFT]

The below are a series of links, tips and some very brief thoughts on Hafnium.  I will purposefully not include the content of the other locations as it is changing so rapidly, and there is no way to ensure that it would be updated here in a timely fashion.

 

 

If you read nothing else, please ensure that you install the update from an elevated CMD prompt if you are manually installing. 

FaiRead the rest “Collected Links For Hafnium – March 2021 Exchange Security Issue”

0

TLS Musings

Posted on by Rhoderick Milne [MSFT]
TLS Options In Browser

Transport Layer Security (TLS) and Secure Sockets Layer (SSL) are protocols that provide secure communications.  Today several versions of these protocols exist, and not all of them are considered secure by Microsoft or other security companies.

Schannel is a Security Support Provider (SSP) that implements the SSL, TLS and Datagram Transport Layer Security (DTLS) Internet standard authentication pro… Read the rest “TLS Musings”

0

Exchange 2010 SP3 RU32 Released

Posted on by Rhoderick Milne [MSFT]

Today is an out of band security release for Exchange.  Due to the way that Exchange 2010 is serviced, security updates are released as a new update rollup (RU).

You can visit the Microsoft Security  Response Center to read the details about this and the other released security updates.

Download Exchange 2010 SP3 RU32

Note – The image does not show RU 32, and I'll update it once the download site is corrected. 

This is build 14.03.Read the rest “Exchange 2010 SP3 RU32 Released”