.NET 4.5.2 Update on Exchange Servers?

| | Comments are off for this post.

Microsoft Windows Update is now offering the .NET Framework 4.5.2 update as an “Important” update to Windows computers. Microsoft .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2 for x64-based Systems (KB2934520) Microsoft .NET Framework 4.5.2 for Windows Server 2008 R2 for x64-based Systems (KB2901983) First of all,…

Continue Reading
back-to-basics-graphic

N-1: Where IT Departments S….?

| | Comments are off for this post.

Being named as one of the best IT experts in Canada, iRangers team is often involved in various assessment, discovery and troubleshooting engagements. While analyzing these cases from several past years, we found some interesting commonalities. No matter which technology is being deployed, assessed or troubleshot, whether it is Microsoft,…

Continue Reading
Locks

Single-Factor (password only) Authentication: It’s NOT Enough Nowadays!

| | Comments are off for this post.

Dell SecureWorks Counter Threat Unit(TM) (CTU) researchers discovered malware that bypasses authentication on Active Directory (AD) systems that implement single-factor (password only) authentication. Threat actors can use a password of their choosing to authenticate as any user. This malware was given the name “Skeleton Key.” CTU researchers discovered Skeleton Key…

Continue Reading

No More SSL 3.0 at Azure Storage Starting Feb. 20, 2015

| | Comments are off for this post.

Microsoft plans to disable Secure Sockets Layer (SSL) 3.0 encryption support in its Azure Storage service next month. Azure Storage won’t support the SSL 3.0 security protocol starting on Feb. 20, 2015, the company announced this week. If organizations still have browsers using that that protocol after February 20, then…

Continue Reading

Vulnerability in SSL 3.0 Could Allow Information Disclosure

| | Comments are off for this post.

In the end of 2014 it became known that the SSL protocol (specifically SSL v3) was broken and decryption of the encrypted data was possible. This is an industry-wide vulnerability affecting the SSL 3.0 protocol itself and is not specific to the Windows operating system. All supported versions of Microsoft…

Continue Reading
computer-security3

There Is No Security If You Have Physical Access: How To Reset the Domain Administrator Password In Windows Server 2012 R2

| | Comments are off for this post.

It’s hard to believe, but the good old domain administrator reset password trick from Windows Server 2003 / 2008 still works in Windows Server 2012 R2. Step-by-Step guide To reset the Domain Administrator password in Windows Server 2012 R2 you do the following: Shutdown the domain controller. Boot on the Windows…

Continue Reading

Exchange 2010 SP3 Update Rollup 8 Released and Then Pulled!

| | Comments are off for this post.

On the 9th December Microsoft released the Exchange 2010 SP3 Update Rollup 8. The Update Rollup 8 for Exchange Server 2010 SP3 contains the fixes for the security issue that is described inKB2986475. WARNING – DO NOT INSTALL THIS UPDATE IF YOU DOWNLOADED IT ON THE 9th or 10th DECEMBER!…

Continue Reading

Why SharePoint Projects Fail?

| | Comments are off for this post.

I was chatting with a colleague a few days ago and he asked a very simple question: “Why does SharePoint fail?”. Now, with him being in IT, the context of the question was aimed specifically at SharePoint; not at all the generic reasons why an IT project might fail. Well,…

Continue Reading