A security advisory has been released by Microsoft that addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. This allows an attacker who successfully exploited this vulnerability to execute arbitrary code in the security context of the LocalSystem account and take control of the system.
Intel have recently published a security advisory regarding a firmware vulnerability in certain systems that use Intel® Active Management Technology (AMT), Intel® Standard Manageability (ISM) or Intel® Small Business Technology (SBT). This could enable a network attacker to gain access remotely to PC’s or devices that use these systems.
Urgent Security Update for Microsoft Windows SMB Server
Microsoft has announced a security update to resolve vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server. This security update is rated Critical for all supported releases of Microsoft Windows, and addresses the vulnerabilities by correcting how SMBv1 handles specially crafted requests.
Increasingly businesses and education are seeing the benefits of virtualization for all employees, and I don't mean for servers. When you buy a desktop PC you have an integrated GPU on the processor (physical hardware) but with traditional virtual desktops, graphics are performed by software.
With the roll out of IPv6 we are met still with bugs and challenges. One we have stumbled across is that when you configure a static IPv6 address you still receive a DHCPP as well. It would seem Microsoft have a bug that when you enable a static IP it doesn't turn off the DHCP function.
If you have just replaced your front end SSL cert and now you can't log into ECP or OWA, this is due to the way the private key is stored. Exchange 2013 only supports hashing SHA-1 not SHA-2 on the key.