This might come as a shocker to you (irony), but cyber-criminals use e-mail to attack your users. I feel that client security is something that is often overlooked and IT-pros tend to focus on securing the servers rather than focusing on what is possible to do from the clients within the company network. If you […]
Posts in category Security
ExecutionPolicy in PowerShell
I often hear from people about the security setting in PowerShell that prevents unsigned code from running. You know what I am talking about. I am talking about the ExecutionPolicy. I believe this feature is often misunderstood by us IT-Pros. This setting has a few options (taken from PowerShell help): — Restricted: Does not load […]
WUSA.exe – Extract option is gone in Windows 10
If you try to run the command «wusa.exe c:\temp\file.cab /extract:c:\temp2\» you will in Windows 10 get this error: The reason Microsoft has removed this option is because of a security issue with the extract option. The reason I found out that this was removed was because I was trying to bypass UAC on Windows 10. […]
Fix for too many certificates in Trusted Root Certificate Authorities
Remember KB931125? The patch that broke tons of Configuration Manager management points? Yeah, that one. I just found out that as of October 17th Microsoft has released a “quick fix” for this problem so that you don´t have to manually delete the certificates yourself. Basically the fix will delete all the third party root certificate […]
Certificate Enrollment Web Services – Access was denied by the remote endpoint
I was working with a customer that had implemented Active Directory segmented by firewalls. We had implemented PKI earlier, but that was before the AD segmentation, and on time there was no requirements for Certificate enrollment services. But after the AD segmentation, we would like to implement auto-enrollment for computers one “the other side of […]
Hunting malware with Sysinternals tools
Attending Mark Russinovich great sessions at TechEd Europe is always a good reminder of the powerful Sysinternals Tools from Windows Sysinternals (http://technet.microsoft.com/en-us/sysinternals/bb896649.aspx) So when a customer called me telling me all the programs crashing on startup, I thought it would be a nice opportunity to troubleshoot with Sysinternals Tools. This was a old PC (with […]
Bug when using signed Powershell scripts as Custom Detection Method in Configuration Manager 2012
When using custom scripts for Detection Methods you have the possibility to use a Powershell script. However, if your environment has security in focus, then setting the ExecutionPolicy for Powershell scripts to anything other than AllSigned is not an option. This means you have to sign your scripts before running them. Christian has written an […]