Sam's Tech Hub

Welcome to Sam's Tech Hub - a dedicated space for enthusiasts and professionals to explore everything Microsoft! From the latest tech news, trending topics, and insightful articles to hands-on solutions, step-by-step guides, product updates, and in-depth reviews, Sam's Tech Hub is your go-to resource for all things Microsoft. Dive in for valuable learning support and stay up-to-date with evolving technologies in the Microsoft Platform. Sam's Tech Hub - Keep Exploring. Happy Learning! :)

Showing posts with label Microsoft. Show all posts
Showing posts with label Microsoft. Show all posts

Friday, November 15, 2024

⚡Microsoft's November 2024 Patch Tuesday: A Comprehensive Overview⚡

Posted by Samitha Dasun Peiris on November 15, 2024

Introduction

Microsoft's November 2024 Patch Tuesday has brought a significant number of updates aimed at enhancing the security and stability of various Microsoft products. This month's release addresses a total of 91 vulnerabilities, including four zero-day exploits. Below is a detailed breakdown of these vulnerabilities by type:
  • Remote Code Execution (RCE) Vulnerabilities: 52
  • Elevation of Privilege (EoP) Vulnerabilities: 26
  • Denial of Service (DoS) Vulnerabilities: 4
  • Spoofing Vulnerabilities: 3
  • Security Feature Bypass (SFB) Vulnerabilities: 2
  • Information Disclosure Vulnerability: 1

Key Highlights

01. Zero-Day Vulnerabilities
  • CVE-2024-49039: A critical flaw in the Windows Task Scheduler that allows attackers to elevate their privileges. This vulnerability has been actively exploited in the wild.
  • CVE-2024-43451: A spoofing vulnerability that exposes NTLMv2 hashes, enabling attackers to perform "pass-the-hash" attacks.
  • CVE-2024-49040: A spoofing vulnerability in Microsoft Exchange Server, which could allow attackers to deceive recipients by spoofing email addresses.
  • CVE-2024-49019: An elevation of privilege flaw in Active Directory Certificate Services, potentially allowing attackers to gain domain administrator privileges.
02. Critical Vulnerabilities
  • CVE-2024-43639: A remote code execution vulnerability in Windows Kerberos, which could allow attackers to execute code remotely by exploiting weaknesses in the cryptographic protocol.
  • CVE-2024-43498: A remote code execution flaw in .NET and Visual Studio, with a CVSS severity rating of 9.8.
03. Other Notable Fixes
  • Memory-Related Security Issues: At least 29 updates address memory-related vulnerabilities in SQL Server, each with a threat score of 8.8.
  • Remote Code Execution (RCE) Vulnerabilities: 52 RCE vulnerabilities were patched, which could allow attackers to execute arbitrary code on vulnerable systems.
  • Elevation of Privilege (EoP) Vulnerabilities: 26 EoP vulnerabilities were addressed, enabling attackers to gain higher-level access than authorized.

Detailed Breakdown

  • Remote Code Execution (RCE) Vulnerabilities: These vulnerabilities are particularly dangerous as they allow attackers to execute arbitrary code on a target system remotely. This month's updates include fixes for 52 RCE vulnerabilities across various Microsoft products.
  • Elevation of Privilege (EoP) Vulnerabilities: EoP vulnerabilities enable attackers to gain unauthorized access to higher-level privileges. This month's patch addresses 26 such vulnerabilities.
  • Denial of Service (DoS) Vulnerabilities: Four DoS vulnerabilities were fixed, which could disrupt services by overloading systems.
  • Spoofing Vulnerabilities: Three spoofing vulnerabilities were addressed, which could allow attackers to deceive users by impersonating legitimate entities.
  • Security Feature Bypass (SFB) Vulnerabilities: Two SFB vulnerabilities were patched, which could allow attackers to bypass security features designed to protect systems.
  • Information Disclosure Vulnerability: One information disclosure vulnerability was fixed, which could potentially expose sensitive information to unauthorized users.

Conclusion

The November 2024 Patch Tuesday underscores the critical importance of timely updates to protect against potential cyber threats. With 91 vulnerabilities addressed, including four zero-day exploits, it is essential for users and administrators to apply these patches promptly to safeguard their systems.

Stay vigilant and ensure your systems are up-to-date to mitigate the risks posed by these vulnerabilities.

The complete list of the vulnerabilities can be found here - Microsoft release notes.

Keep Exploring. Happy Learning! 😊
Posted in , , , ,

Sunday, November 10, 2024

✨ Microsoft Entra ID Reintroduces WhatsApp for MFA OTP Delivery ✨

Posted by Samitha Dasun Peiris on November 10, 2024

 

In late 2023, Microsoft Entra began leveraging WhatsApp as an alternate channel to deliver multifactor authentication (MFA) one-time passcodes (OTPs) to users in India and Indonesia. This initiative saw improved deliverability, completion rates, and user satisfaction in both countries. Although the channel was temporarily disabled in India in early 2024, Microsoft is set to re-enable it in December 2024 and expand its use to additional countries.

When Will This Happen?

Starting in December 2024, users in India and other countries may begin receiving MFA text messages via WhatsApp. This feature will be available to users who are enabled to receive MFA text messages as an authentication method and already have WhatsApp installed on their phones. If a user with WhatsApp is unreachable or lacks internet connectivity, the system will quickly fall back to the regular SMS channel. Additionally, users receiving OTPs via WhatsApp for the first time will be notified of the change in behavior via SMS text message.

How Will This Affect Your Organization?

If you are a Microsoft Entra workforce customer currently using text-message authentication, it is recommended to notify your helpdesk about this upcoming change. The sender agent in WhatsApp will be branded as Microsoft with a verified checkmark, ensuring users recognize the legitimacy of the messages.

Organizations that prefer not to use WhatsApp for MFA text messages can disable this authentication method. However, Microsoft highly encourages moving to more modern, secure methods like Microsoft Authenticator and passkeys.

Key Highlights

  • WhatsApp Delivery: Users with WhatsApp will receive MFA OTPs directly in the app, with SMS as a fallback if needed.
  • Verified Sender: Messages will come from Microsoft with a verified checkmark.
  • Enhanced User Experience: Improved deliverability and user satisfaction based on prior implementations in India and Indonesia.


Recommendations

  • Inform Your Helpdesk: If you currently use text-message authentication, inform your helpdesk about this change.
  • Consider More Secure Methods: Microsoft recommends adopting more secure authentication mechanisms, such as Microsoft Authenticator and passkeys.

What You Need to Do to Prepare

This rollout will happen automatically with no admin action required. You may want to notify your users about this change and update any relevant documentation as appropriate.

Keep Exploring. Happy Learning! 😊
Posted in , , ,

Wednesday, November 6, 2024

πŸ“’ Microsoft Windows Server 2025 Now Generally Available! πŸ“’

Posted by Samitha Dasun Peiris on November 06, 2024


The tech world is abuzz with excitement as Microsoft has officially launched Windows Server 2025. This latest iteration promises to revolutionize the way businesses manage their IT infrastructure. Here’s a comprehensive look at what Windows Server 2025 brings to the table.

Release and Support Timeline

  • Official Launch: November 4, 2024, starting with build 26100.1742.
  • Mainstream Support: Until October 9, 2029.
  • Extended Support: Until October 10, 2034.

Key Features and Enhancements

1. Enhanced Security

  • Zero Trust Security Model: Windows Server 2025 integrates a Zero Trust security model, ensuring that every access request is thoroughly verified, regardless of where it originates.
  • Advanced Threat Protection: With built-in AI and machine learning capabilities, the server can detect and respond to threats in real-time, minimizing potential damage.
  • Enhanced Active Directory (AD): Improved scalability and new cryptographic support.
  • SMB over QUIC: Secure, efficient file sharing over the internet.
  • Hardened Firewall Defaults: Enhanced protections against various network attacks.

2. Improved Performance and Scalability

  • Optimized for Hybrid Environments: Whether your infrastructure is on-premises, in the cloud, or a hybrid of both, Windows Server 2025 is designed to provide seamless integration and performance.
  • Enhanced Virtualization: The new server offers improved support for containerization and microservices, making it easier to deploy and manage applications at scale.
  • Support for NVMe SSDs: Boosts storage performance.
  • Optimized File Services: Faster block cloning for improved efficiency.

3. Simplified Management

  • Unified Management Console: A single, intuitive interface allows administrators to manage all aspects of their server environment, from user permissions to resource allocation.
  • Automated Maintenance: Routine tasks such as updates and backups can now be automated, reducing the administrative burden and minimizing downtime.
  • Advanced Windows Admin Center Tools: Streamline management tasks and reduce operational costs.
  • In-Place Upgrades: Supports upgrades from Windows Server 2012 R2 and later versions.

4. Support for Modern Workloads

  • AI and Machine Learning: Windows Server 2025 includes native support for AI and machine learning workloads, enabling businesses to leverage these technologies without needing additional infrastructure.
  • Edge Computing: With enhanced support for edge computing, businesses can process data closer to where it is generated, reducing latency and improving performance.
  • Improved Support for Modern App Development: Including .NET 8 and enhanced Kubernetes compatibility.
  • In-Place Upgrades: Supports upgrades from Windows Server 2012 R2 and later versions.

5. Hotpatching

  • Minimize Downtime: Apply security updates without a system reboot, keeping systems secure with the latest patches.

6. User Experience Improvements

  • Modernized Interface: A Windows 11-inspired look and feel.
  • New Task Manager and Bluetooth Support: Enhanced usability.
  • Consistent Client and Server UI Experience: Streamlined operations.

7. Networking Enhancements

  • Simplified Software Defined Networking (SDN) Configuration: Improved performance and security.
  • Enhanced Networking and Storage Capabilities: Better performance and data protection.

Benefits for Businesses

  • Cost Efficiency: By optimizing resource usage and automating routine tasks, Windows Server 2025 helps businesses reduce operational costs.
  • Enhanced Productivity: The improved performance and simplified management tools allow IT teams to focus on strategic initiatives rather than routine maintenance.
  • Future-Proofing: With support for the latest technologies and a focus on security, Windows Server 2025 ensures that businesses are prepared for future challenges.

Getting Started with Windows Server 2025

To help businesses transition smoothly, Microsoft offers a range of resources, including detailed documentation, training programs, and support services. Whether you’re upgrading from a previous version or deploying Windows Server for the first time, these resources can help you get the most out of your investment.

Conclusion

Windows Server 2025 is a significant step forward in server technology, offering enhanced security, improved performance, and simplified management. For businesses looking to stay ahead in a rapidly evolving tech landscape, this new release is a game-changer.

To download a free 180-day evaluation, visit the Microsoft Evaluation Center.

Stay tuned for more updates and in-depth guides on how to leverage the full potential of Windows Server 2025 for your business needs.

Keep Exploring. Happy Learning!😊
Posted in , , ,

Sunday, October 27, 2024

πŸ’‘Azure Update Manager - A Comprehensive GuideπŸ’‘

Posted by Samitha Dasun Peiris on October 27, 2024

 

01. Introduction

Azure Update Manager is a unified service designed to manage and govern updates for all your machines, whether they are in Azure, on-premises, or in other cloud environments connected via Azure Arc. It provides a centralized platform to monitor, deploy, and manage updates, ensuring your systems are secure and up-to-date.

02. What is Azure Update Manager?

Azure Update Manager, part of the Azure Automation suite, offers:
  • Automated Update Deployment: Schedule updates for Windows and Linux servers.
  • Unified Management: Manage updates across Azure, on-premises, and hybrid environments.
  • Compliance Monitoring: Ensure all machines meet update compliance standards.
  • Custom Scheduling: Configure maintenance windows to minimize disruption.

03. Key Features and Benefits

Here are some key benefits of using Azure Update Manager:
  • Native Experience: Integrated as a native feature on Azure Compute and Azure Arc.
  • No Dependency on Log Analytics and Azure Automation: Operates independently of these services.
  • Azure Policy Support: Compatible with Azure Policy.
  • Global Availability: Available in all Azure Compute and Azure Arc regions.
  • Granular Access Control: Offers role-based access control at the individual resource level.
  • Azure Resource Manager-Based Operations: Supports role-based access control and Azure Resource Manager roles.
  • Increased Flexibility: Allows immediate or scheduled update deployments.
  • Unified Management: Manage updates for Azure VMs, on-premises machines, and other cloud environments.
  • Flexible Patching: Schedule updates or deploy them immediately.
  • Compliance Monitoring: Track update compliance and generate custom reports.
  • Patch Orchestration: Reduce downtime with intelligent patch sequencing.
  • Hybrid Support: Manage both Azure and on-premises systems.
  • Detailed Insights: Real-time update compliance reports.
  • Customizable Maintenance: Configure maintenance windows tailored to business needs.

04. Prerequisites

Before using Azure Update Manager, ensure you have:
  1. An Azure subscription.
  2. Azure VMs or machines connected via Azure Arc.
  3. Appropriate permissions (Azure Owner or Contributor role).

05. Pricing for Azure Update Manager

  • Azure Virtual Machines and Azure Stack HCI VMs: Free of charge.
  • Azure Arc-enabled Servers: $5 per server per month (prorated daily). Free under specific conditions if using Extended Security Updates (ESU) or Microsoft Defender for Servers Plan 2.

06. How Azure Update Manager Works

Monitoring and Compliance:
  • Single Dashboard: Monitor update compliance across all machines.
  • Compliance Status: View compliance status, including pending updates and installation history.
Update Deployment:
  • Real-Time Updates: Deploy updates immediately to address critical vulnerabilities.
  • Scheduled Updates: Schedule updates within defined maintenance windows.
  • Automatic Updates: Enable automatic VM guest patching and hot patching for Azure VMs.
Configuration and Management:
  • Dynamic Scoping: Group machines based on criteria (e.g., tags, resource groups) and apply updates at scale.
  • Pre and Post Events: Configure scripts or automation tasks to run before and after updates.
Advanced Features:
  • Azure Policy Integration: Enforce update compliance and schedule patching.
  • Custom Reporting: Generate custom reports using Azure Workbooks.
Security and Access Control:
  • Role-Based Access Control (RBAC): Provide granular access control for patch management tasks.
  • Secure Data Storage: All update data is stored in Azure Resource Graph (ARG).

07. Visual Overview

Here's a visual representation of the Azure Update Manager workflow:

08. Update Options in Azure Update Manager

  • Automatic VM Guest Patching: Automatically downloads and applies critical and security patches to Azure VMs during off-peak hours.
  • Hotpatching: Available for Windows Server Azure Edition VMs, allowing updates without requiring a reboot.
  • Customer-Managed Schedules: Define custom maintenance schedules for both Azure and Arc-connected machines.
  • Azure Managed - Safe Deployment: Azure orchestrates updates for a group of VMs, ensuring availability-first principles.
  • Periodic Assessment: Runs every 24 hours to check for updates and ensure compliance.

09. Supported Operating Systems

Azure Update Manager supports updates for both Windows and Linux operating systems:

Windows:
  • Windows Server 2012 R2
  • Windows Server 2016
  • Windows Server 2019
  • Windows Server 2022
Linux:
  • Ubuntu 18.04 LTS, 20.04 LTS
  • CentOS 7 (Note: CentOS is reaching End of Life status)
  • Red Hat Enterprise Linux (RHEL) 7, 8
  • SUSE Linux Enterprise Server (SLES) 12, 15
Azure Arc-enabled Servers:
  • Supports both Windows and Linux operating systems connected via Azure Arc.
Unsupported Workloads:
  • Windows Client: Use Microsoft Intune for managing updates on Windows 10 and Windows 11.
  • Virtual Machine Scale Sets: Use Automatic upgrades for patching.
  • Azure Kubernetes Service Nodes: Follow the patching guidelines for AKS nodes.

10. Update Classifications in Microsoft Update Management

Microsoft Update Management categorizes updates into several classifications to help organize and manage them effectively. Here are the main classifications, along with definitions and examples for each:

Critical Updates:
  • Definition: A widely released fix for a specific problem that addresses a critical, non-security-related bug.
  • Example: An update that resolves a critical issue causing system crashes or data corruption.
Security Updates:
  • Definition: A widely released fix for a product-specific, security-related vulnerability.
  • Example: An update that patches a vulnerability in Windows that could allow remote code execution.
Update Rollups:
  • Definition: A cumulative set of hotfixes, security updates, critical updates, and updates packaged together for easy deployment.
  • Example: A rollup that includes all updates released for Windows Server in a given month.
Feature Packs:
  • Definition: New product functionality that is first distributed outside of a product release and typically included in the next full product release.
  • Example: A feature pack that adds new capabilities to Windows, such as enhanced security features or new management tools.
Service Packs:
  • Definition: A tested, cumulative set of all hotfixes, security updates, critical updates, and updates applied to a product. Service packs may also contain additional fixes for problems found internally since the product's release.
  • Example: Windows 7 Service Pack 1, which includes all previously released updates and additional improvements.
Definition Updates:
  • Definition: A widely released and frequent software update that contains additions to a product's definition database.
  • Example: Updates for Windows Defender that include new virus definitions to protect against the latest threats.
Tools:
  • Definition: Utilities or features that help complete one or more tasks.
  • Example: The Microsoft Windows Malicious Software Removal Tool, which helps remove specific prevalent malware from Windows systems.
Updates:
  • Definition: A widely released fix for a specific problem. An update addresses a non-critical, non-security-related issue.
  • Example: An update that fixes a minor bug in Microsoft Office that causes occasional crashes when opening certain file types.

Keep Exploring. Happy Learning! 😊
Posted in , , , ,

Saturday, October 19, 2024

πŸ’» How to Fix Active Directory Trust Relationship Issues? πŸ’»

Posted by Samitha Dasun Peiris on October 19, 2024


Active Directory (AD) trust relationships are crucial for maintaining secure and efficient communication between different domains within a network. However, issues with these trust relationships can arise, leading to disruptions in access and authentication processes. Here’s a comprehensive guide on how to identify and fix Active Directory trust relationship issues.

Understanding Active Directory Trust Relationships

Active Directory trust relationships allow domains to share resources and authenticate users across different domains. Trusts can be one-way or two-way, and they can be transitive or non-transitive. Common types of trusts include:

  • Parent-Child Trusts: Automatically created when a new domain is added to a tree.
  • Tree-Root Trusts: Automatically created between the roots of domain trees in a forest.
  • External Trusts: Manually created between domains in different forests.
  • Forest Trusts: Manually created between two forest root domains.
  • Shortcut Trusts: Manually created to improve user logon times between two domains in a forest.

Common Causes of Trust Relationship Issues

  1. Network Connectivity Problems: Issues with network connectivity can prevent domains from communicating effectively.
  2. DNS Configuration Errors: Incorrect DNS settings can lead to trust relationship failures.
  3. Time Synchronization Issues: Discrepancies in time settings between domains can cause authentication failures.
  4. Corrupted Secure Channel: The secure channel used for trust relationships can become corrupted.
  5. Changes in Domain Controllers: Replacing or demoting domain controllers without updating trust relationships can cause issues.

Steps to Fix Trust Relationship Issues

1. Verify Network Connectivity
  • Ensure that all domain controllers can communicate with each other over the network.
  • Use tools like ping and tracert to diagnose connectivity issues.

2. Check DNS Configuration
  • Verify that DNS settings are correctly configured on all domain controllers.
  • Ensure that all domains can resolve each other’s DNS names.
  • Use nslookup to test DNS resolution.

3. Synchronize Time Settings
  • Ensure that all domain controllers are synchronized with a reliable time source.
  • Use the w32tm command to check and configure time settings.

4. Reset the Secure Channel
  • Use the nltest command to reset the secure channel between domain controllers.
nltest /sc_reset:<TrustedDomainName>
  • Alternatively, use the Test-ComputerSecureChannel PowerShell cmdlet to test and repair the secure channel.
Test-ComputerSecureChannel -Repair -Credential (Get-Credential)

5. Recreate the Trust Relationship
  • If the trust relationship is still not working, consider deleting and recreating the trust.
  • Use the Active Directory Domains and Trusts snap-in to delete and then recreate the trust.

6. Verify Trust Relationship
  • Use the Active Directory Domains and Trusts snap-in to verify the trust relationship.
  • Run the nltest command to test the trust relationship.
nltest /trusted_domains

Preventive Measures

  • Regular Monitoring: Regularly monitor trust relationships and network connectivity to identify issues early.
  • Backup and Documentation: Maintain backups and documentation of your AD environment, including trust relationships and DNS configurations.
  • Update Procedures: Ensure that any changes to domain controllers or network configurations are documented and that trust relationships are updated accordingly.

Conclusion

Active Directory trust relationship issues can be challenging, but with the right approach, they can be resolved effectively. By understanding the common causes and following the steps outlined above, you can restore trust relationships and ensure smooth communication between domains. Regular monitoring and preventive measures can help avoid future issues, keeping your AD environment secure and efficient.

Keep Exploring. Happy Learning! 😊
Posted in , , ,

Friday, October 11, 2024

⚡Microsoft's October 2024 Patch Tuesday: A Comprehensive Overview⚡

Posted by Samitha Dasun Peiris on October 11, 2024

 

Introduction

Microsoft's October 2024 Patch Tuesday has addressed a total of 118 security vulnerabilities, including five zero-day vulnerabilities and three critical vulnerabilities. This month's updates span across various Microsoft products and services, enhancing security and stability for users worldwide. Below is a detailed breakdown of these vulnerabilities by type:
  • Remote Code Execution (RCE) Vulnerabilities: 43
  • Elevation of Privilege (EoP) Vulnerabilities: 28
  • Denial of Service (DoS) Vulnerabilities: 26
  • Spoofing Vulnerabilities: 7
  • Security Feature Bypass (SFB) Vulnerabilities: 7
  • Information Disclosure Vulnerabilities: 6

Key Highlights

01. Zero-Day Vulnerabilities
  • CVE-2024-43572: A critical remote code execution (RCE) vulnerability in the Microsoft Management Console (MMC). This flaw can be exploited by convincing a user to open a specially crafted malicious MSC file.
  • CVE-2024-43573: An actively exploited spoofing vulnerability in the Windows MSHTML platform, part of the Trident engine used by Internet Explorer and older versions of Microsoft Edge.
  • CVE-2024-20659: A UEFI security feature bypass vulnerability in Windows Hyper-V.
  • CVE-2024-43583: An elevation of privilege vulnerability in Windows Winlogon, requiring a first-party Microsoft IME to be fixed.
  • CVE-2024-6197: A remote code execution vulnerability in libcurl, fixed in Windows’ bundled version of the tool.
02. Critical Vulnerabilities
  • All three critical vulnerabilities are remote code execution flaws. These could allow attackers to run arbitrary code on affected systems, posing significant security risks.
03. Important Vulnerabilities
  • The majority of the vulnerabilities addressed are classified as important. These include elevation of privilege flaws, denial of service issues, spoofing vulnerabilities, and security feature bypass bugs.

Detailed Patch Information

  • Windows 11, Version 24H2 (KB5044284): This update addresses several security issues and includes improvements from the previous update (KB5043178). Notable fixes include resolving issues with the Remote Desktop Gateway Service and improvements to the Windows servicing stack.
  • Microsoft Office, Microsoft Edge, Visual Studio, Azure CLI, Microsoft Defender for Endpoint: Various components received updates to address security vulnerabilities, ensuring a more secure environment for users.

Known Issues

  • DirectAccess Connection Issues: After a fresh install or an in-place upgrade to Windows 11, version 24H2, users might face issues with DirectAccess connections.
  • Roblox on ARM Devices: Players on ARM devices may experience difficulties downloading and playing Roblox via the Microsoft Store. A workaround is to download the game directly from the Roblox website.

Conclusion

The October 2024 Patch Tuesday updates are crucial for maintaining the security and stability of Microsoft products. Users are strongly encouraged to install these updates promptly to protect their systems from potential exploits and vulnerabilities. For detailed information on each vulnerability and the corresponding updates, users can refer to the official Microsoft Security Update Guide - Microsoft release notes.

Keep Exploring. Happy Learning! 😊
Posted in , , , ,

Saturday, September 28, 2024

⚠️ Microsoft is Deprecating Windows Server Update Services (WSUS) ⚠️

Posted by Samitha Dasun Peiris on September 28, 2024

 

On September 20, 2024, Microsoft officially announced the deprecation of Windows Server Update Services (WSUS). This move is part of Microsoft's strategy to modernize Windows management with cloud-based solutions. Specifically, this means that Microsoft is no longer investing in new capabilities, nor accepting new feature requests for WSUS. However, current functionality will be preserved, and updates will continue to be published through the WSUS channel. Microsoft will also support any content already published through the WSUS channel. Here’s a detailed look at what this means and how you can prepare for the transition.

What is WSUS?

WSUS has been a vital tool for IT administrators, enabling them to manage the distribution of updates released through Microsoft Update to computers in a corporate environment. It provides control over updates, allowing administrators to approve or decline updates, select target computers, and generate detailed reports. Introduced in 2005 as Software Update Services (SUS), WSUS has been essential for managing and distributing updates across large corporate networks, ensuring secure and controlled updates for numerous Windows devices.

Why is WSUS Being Deprecated?

Microsoft is shifting towards cloud-based solutions to enhance update management. While WSUS will no longer receive new features, it will continue to function for existing updates. This move aligns with Microsoft’s vision for simplified, cloud-centric management tools. 

Deprecation refers to the stage in the product lifecycle when a feature or functionality is no longer in active development and may be removed in future releases. Each release of Windows Server adds new features and functionality; occasionally, features and functionality are removed, typically because a better option has been added. Deprecated features continue to work and are fully supported until they are officially removed. Microsoft has no current plans to remove WSUS from in-market versions of Windows Server, including Windows Server 2025.

Impact

The deprecation of WSUS will take effect with the release of Windows Server 2025. With this release, WSUS will not be actively developed or enhanced. Additionally, Microsoft plans to phase out the drive synchronization feature in WSUS on April 18, 2025. Organizations relying on WSUS should start planning their transition to alternative solutions.

Transitioning to Cloud-Based Tools

Microsoft suggests transitioning to the following cloud-based tools:
  • Windows Autopatch: Automates updates for Windows clients and Microsoft 365 apps.
  • Microsoft Intune: Offers comprehensive endpoint management, including update management.
  • Azure Update Manager: Provides robust features for server update management.
These tools offer improved security, efficiency, and integration with other Microsoft services, making them suitable replacements for WSUS.

Conclusion

The deprecation of WSUS marks a significant shift towards cloud-based update management solutions. By transitioning to tools like Windows Autopatch, Microsoft Intune, and Azure Update Manager, organizations can benefit from improved security, efficiency, and integration with other Microsoft services. Start planning your transition today to ensure a smooth and seamless update management experience.

Keep Exploring. Happy Learning! 😊
Posted in , , , ,

Sunday, September 15, 2024

⚡Microsoft's September 2024 Patch Tuesday: A Comprehensive Overview⚡

Posted by Samitha Dasun Peiris on September 15, 2024

Introduction

Microsoft's September 2024 Patch Tuesday has addressed a total of 79 security vulnerabilities, including four zero-day vulnerabilities and seven critical vulnerabilities. This month's updates span across various Microsoft products and services, enhancing security and stability for users worldwide. Below is a detailed breakdown of these vulnerabilities by type:
  • Remote Code Execution (RCE): 12
  • Elevation of Privilege (EoP): 35
  • Denial of Service (DoS): 4
  • Spoofing Vulnerabilities: 3
  • Security Feature Bypass (SFB): 3
  • Information Disclosure: 18
  • Cross-Site Scripting (XSS): 1
  • Other vulnerabilities: 3

Key Highlights

01. Zero-Day Vulnerabilities
  • Mark-of-the-Web Bypass (CVE-2024-38217): Actively exploited, allowing crafted files to bypass SmartScreen or attachment services. This vulnerability highlights risks associated with file downloads.
  • Windows Installer EoP (CVE-2024-38014): Exploited locally to grant SYSTEM privileges due to improper privilege management.
  • Microsoft Publisher Macro Policy Bypass (CVE-2024-38226): Requires local user authentication to bypass macro restrictions, posing risks for organizations.
  • SharePoint Critical RCEs (e.g., CVE-2024-38018): Exploits deserialization flaws to gain control via malicious uploads, emphasizing the need for secure configurations.

02. Critical RCE Vulnerabilities
  • Affect key products like SharePoint and Windows Network Address Translation (NAT). The NAT vulnerability (CVE-2024-38119) involves a "use-after-free" flaw, requiring network adjacency for exploitation.
03. Product-Specific Updates
  • Windows: Multiple privilege elevation and RCE patches for Windows 10, 11, and Server editions.
  • Microsoft 365 Apps: Fixes for Excel, Publisher, and SharePoint vulnerabilities.
  • Power Automate: An RCE vulnerability (CVE-2024-43479) addressed for secure automation workflows.
04. Zero-Day Defense Recommendations
  • Regularly update software to prevent exploitation.
  • Enable enhanced security features like SmartScreen and macro-blocking policies.
  • Monitor for suspicious activity on systems running affected versions.

Conclusion

With 35 elevation-of-privilege vulnerabilities addressed and critical fixes for RCE vulnerabilities in widely-used tools like SharePoint, the September 2024 Patch Tuesday underlines Microsoft's commitment to securing its ecosystem. Organizations should prioritize deploying these patches to ensure compliance and maintain a robust security posture.

The complete list of the vulnerabilities can be found here - Microsoft release notes.

Keep Exploring. Happy Learning! 😊
Posted in , , , ,

Friday, September 13, 2024

πŸ“’ New Microsoft Certification Exam Pricing πŸ“’

Posted by Samitha Dasun Peiris on September 13, 2024

New Microsoft Certification Exam Pricing Effective November 1, 2024


Microsoft is updating its Certification exam pricing to reflect the value and evolving needs of the IT industry. These globally recognized certifications validate your skills and boost career opportunities.

Key points:

  • Certification prices will change depending on the region—some will increase, some will decrease, and many will remain the same.
  • For Sri Lanka:
    • Fundamental certifications will be reduced from $55 to $44.
    • Advanced role-based certifications will drop from $80 to $58.
  • You can register for exams at the current price until October 31, 2024.
  • Explore free and paid resources on Microsoft Learn to prepare.
  • To find the updated price of the exams in your area, check out the full list via https://aka.ms/CertificationExamPrice

Earning a Microsoft Certification can elevate your career, improve work quality, and enhance your credibility. Don't miss out!


Keep Exploring. Happy Learning!😊
Posted in , ,
Subscribe to: Posts (Atom)