Mitigations: Customers who use Microsoft Defender for Office are protected from attachments that attempt to exploit this vulnerability. In current attack chains, the use of the "Block all Office applications from creating child processes" Attack Surface Reduction rule will prevent the vulnerability from being exploited. Organizations who cannot take advantage of these protections can set the FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION Read More
Category: Windows Servers
How to Harden an IIS Web Server with IIS Crypto
When setting up a web server, it can be difficult to know what security measures need to be put in place. There are lots of things to think about, such as which permissions to apply, which ports to open and which security protocols to enable. Luckily, if you are using IIS, there is a tool Read More
How to Disable Weak Cipher Suites in IIS
By default, IIS is installed with 2 weak SSL 2.0 cipher suites that are enabled: SSL2_RC4_128_WITH_MD5 and SSL2_DES_192_EDE3_CBC_WITH_MD5. This can impact the security of AppScan Enterprise, and the cipher suites should be disabled. Before you begin: Incorrectly editing the registry may severely damage your system. Before making changes to the registry, you should back up any valued data Read More
How to Check .Net Framework Version Using File Explorer
To use File Explorer to check the .NET Framework version on Windows 11, use these steps: Open File Explorer. Browse to the following path: C:\Windows\Microsoft.NET\Framework. Open the folder with the latest version – for example, v4.0.30319. Right-click any of the ".dll" files and select the Properties option. Click the Details tab. In the "Product version" section, confirm the version of .NET – for example, 4.8.9032.0. Once Read More
How to Block Adobe Flash Player Using Active Directory Group Policy
It has been a long time coming. And we have known since 2017 that Adobe was planning to discontinue support for its once-popular Flash Player browser extension. Flash provided a way to add animation and interactive elements to web pages. But with the arrival of open standards, like HTML5 and WebGL, developers moved away from Read More
CVE-2013-3900 – How to Test the Improvement to Authenticode Signature Verification
Microsoft recommends that customers test how this change to Authenticode signature verification behaves in their environment before fully implementing it. To enable the Authenticode signature verification improvements, modify the registry to add the EnableCertPaddingCheck value as detailed below. Warning: Performing these steps to enable the functionality changes will cause non-conforming binaries to appear unsigned and, therefore, Read More