CISA: Do not install May Windows Patch Tuesday updates on domain controllers
Microsoft has patched a Windows Local Security Authority (LSA) spoofing vulnerability tracked under CVE-2022-26925 with the latest Patch Tuesday update. A high-severity vulnerability allows an unauthenticated attacker to anonymously call a method and force a domain controller (DC) to authenticate it via NTLM. In the worst-case scenario, this could lead to privilege escalation and an attacker taking control of your entire domain.
Detailing this vulnerability is important because the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has required Federal Civilian Executive Branch agencies (FCEB) to install these updates within three weeks to protect themselves against this Attack surface and other attacks. However, it has now removed this requirement as the latest Patch Tuesday updates can also cause authentication issues when installed on a DC - which we discussed previously.
These issues are primarily caused by two patches for Windows Kerberos and Active Directory Domain Services, tracked as CVE-2022-26931 and CVE-2022-26923 respectively. CISA no longer encourages IT administrators to install May's Patch Tuesday on DCs due to the inability to choose between patches to install. The note on the advisory reads:
Installing the update released on May 10, 2022 on client Windows devices and non-domain controller Windows servers does not cause this issue and is still strongly recommended. This issue only affects the May 10, 2022 update installed on servers used as domain controllers. Organizations should continue to apply updates to client Windows devices and non-domain controller Windows servers.
Currently, Microsoft offers a workaround that involves manually mapping certificates. It also strongly emphasizes that applying any additional mitigation measures may have a negative impact on your organization's security posture.
Given that CISA discourages FCEB from installing May Patch Tuesday updates entirely on Windows Server DCs, Microsoft may want to roll out a more permanent fix soon.
The above is the detailed content of CISA: Do not install May Windows Patch Tuesday updates on domain controllers. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
How to set up Win10 firewall whitelist? Win10 plus firewall whitelist
Jul 14, 2023 pm 03:18 PM
The built-in firewall function of win10 can block the attacks of some malicious programs for us, but occasionally it may be blocked by the firewall and prevent the program from being installed normally. If we can understand the security of this software and the importance of installation, then we can allow the installation by adding a whitelist to the firewall. 1. Use the win key to open the win10 system menu window, and click on the left side of the menu window to open the "Settings" dialog box. 2. In the Windows Settings dialog box that opens, you can look for the "Update & Security" item and click to open it. 3. After entering the upgrade and security policy page, click the "Windows Security Manager" sub-menu in the left toolbar. 4. Then in the specific content on the right
Master network security and penetration testing in Go
Nov 30, 2023 am 10:16 AM
With the development of the Internet, network security has become an urgent issue. For technical personnel engaged in network security work, it is undoubtedly necessary to master an efficient, stable, and secure programming language. Among them, Go language has become the first choice of many network security practitioners. Go language, referred to as Golang, is an open source programming language created by Google. The language has outstanding features such as high efficiency, high concurrency, high reliability and high security, so it is widely used in network security and penetration testing.
Artificial Intelligence in Cybersecurity: Current Issues and Future Directions
Mar 01, 2024 pm 08:19 PM
Artificial intelligence (AI) has revolutionized every field, and cybersecurity is no exception. As our reliance on technology continues to increase, so do the threats to our digital infrastructure. Artificial intelligence (AI) has revolutionized the field of cybersecurity, providing advanced capabilities for threat detection, incident response, and risk assessment. However, there are some difficulties with using artificial intelligence in cybersecurity. This article will delve into the current status of artificial intelligence in cybersecurity and explore future directions. The role of artificial intelligence in cybersecurity Governments, businesses and individuals are facing increasingly severe cybersecurity challenges. As cyber threats become more sophisticated, the need for advanced security protection measures continues to increase. Artificial intelligence (AI) relies on its unique method to identify, prevent
How do C++ functions implement network security in network programming?
Apr 28, 2024 am 09:06 AM
C++ functions can achieve network security in network programming. Methods include: 1. Using encryption algorithms (openssl) to encrypt communication; 2. Using digital signatures (cryptopp) to verify data integrity and sender identity; 3. Defending against cross-site scripting attacks ( htmlcxx) to filter and sanitize user input.
Lenovo joins hands with Nvidia to release vehicle route planning map, leading Jen-Hsun Huang to become a partner
Nov 21, 2023 pm 01:06 PM
At the 2023 Lenovo Technology Innovation Conference (Lenovo Tech World 2023), Lenovo Group Chairman and CEO Yang Yuanqing delivered an opening speech with the theme "AI for All, Let Artificial Intelligence Benefit Everyone" and demonstrated Lenovo's first AIPC and large model Compression technology, cockpit smart companion, artificial intelligence twin (AITwin) and a series of artificial intelligence achievements Yang Yuanqing introduced the product layout of Lenovo Car Computing in his speech. He pointed out that future smart cars will be more like super PCs on wheels, which will have a great impact on car performance. The standard measurement has also changed from horsepower to computing power. Lenovo Car Computing's domain control products will support smart cockpits, autonomous driving, smart screens, etc., and large models based on automotive scenarios will also become smart companions.
Ten methods in AI risk discovery
Apr 26, 2024 pm 05:25 PM
Beyond chatbots or personalized recommendations, AI’s powerful ability to predict and eliminate risks is gaining momentum in organizations. As massive amounts of data proliferate and regulations tighten, traditional risk assessment tools are struggling under the pressure. Artificial intelligence technology can quickly analyze and supervise the collection of large amounts of data, allowing risk assessment tools to be improved under compression. By using technologies such as machine learning and deep learning, AI can identify and predict potential risks and provide timely recommendations. Against this backdrop, leveraging AI’s risk management capabilities can ensure compliance with changing regulations and proactively respond to unforeseen threats. Leveraging AI to tackle the complexities of risk management may seem alarming, but for those passionate about staying on top in the digital race
Network security reinforcement techniques for building web servers under CentOS 7
Aug 05, 2023 pm 01:12 PM
Network security reinforcement techniques for building web servers under CentOS7 The web server is an important part of the modern Internet, so it is very important to protect the security of the web server. By hardening network security, you can reduce risks and avoid potential attacks. This article will introduce network security reinforcement techniques commonly used when building web servers on CentOS7, and provide corresponding code examples. Update your system and software First, make sure your system and software are up to date. You can use the following command to update
Roborock sweeping robot passed Rheinland dual certification, leading the industry in corner cleaning and sterilization
Mar 19, 2024 am 10:30 AM
Recently, TUV Rheinland Greater China ("TUV Rheinland"), an internationally renowned third-party testing, inspection and certification agency, issued important network security and privacy protection certifications to three sweeping robots P10Pro, P10S and P10SPro owned by Roborock Technology. certificate, as well as the "Efficient Corner Cleaning" China-mark certification. At the same time, the agency also issued self-cleaning and sterilization performance test reports for sweeping robots and floor washing machines A20 and A20Pro, providing an authoritative purchasing reference for consumers in the market. As network security is increasingly valued, TUV Rheinland has implemented strict network security and privacy protection for Roborock sweeping robots in accordance with ETSIEN303645 standards.