server security Archives

Winsage

October 25, 2024

Microsoft releases new preview build of Windows Server 2025

Microsoft has released build version 26311 as part of the Windows Server Insider Program for Windows Server 2025. This build does not introduce new functionalities but builds on the previous build 26304. It includes Windows Defender Application Control for Business (WDAC), which enhances security by allowing only authorized software to operate. WDAC can be managed through PowerShell cmdlets and is supported by Microsoft's OSconfig security configuration platform. Additionally, build 26311 features the Windows Server 2025 Security Baseline Preview, enabling administrators to configure security settings based on a recommended posture derived from over 350 preconfigured Windows security settings. A default policy is available for installation via OSconfig and PowerShell cmdlets. The build is available for download, with a lifecycle extending until September 15, 2025.

Winsage

October 8, 2024

Microsoft fixes Remote Desktop issues caused by Windows Server update

Microsoft's cumulative updates for October address a significant issue with Remote Desktop connections on Windows servers, specifically related to the RD Gateway service, which began crashing every 30 minutes after the July security updates. This issue, confirmed by Microsoft, is linked to a TSGateway service termination problem that triggers an 0xc0000005 exception code, logged as Event 1000. The affected Windows Server releases include: - Windows Server 2022 (KB5040437) - Windows Server 2019 (KB5040430) - Windows Server 2016 (KB5040434) - Windows Server 2012 R2 (KB5040456) - Windows Server 2012 (KB5040485) Temporary workarounds include blocking connections over the pipeRpcProxy3388 and modifying the RDGClientTransport registry key. Administrators are advised to back up the registry before making changes. Microsoft has previously addressed similar connectivity issues and has also released security updates for October 2024 that fix 118 vulnerabilities, including five zero-days.

Tech Optimizer

September 23, 2024

7 things to consider when choosing a server antivirus program

The reliance on digitization in business has made cyber security for servers essential, with specialized server antivirus solutions being crucial for protection. Servers are particularly vulnerable to cyber threats, necessitating robust detection capabilities in antivirus solutions to identify various types of malware. The performance impact of antivirus software must be considered to avoid disrupting daily business operations, and compatibility with the server's operating system is vital to prevent instability. Regular update frequency is important for maintaining effective security, with automatic updates being preferable. Usability is significant, especially for businesses with limited IT resources, and customer support services should be reliable and accessible. Cost is a key factor in selecting antivirus software, with the aim of finding a cost-effective solution that does not compromise on cybersecurity.

Winsage

August 21, 2024

Windows 11 Insider Dev Channel build 26120.1542 (KB5041872) makes a Widgets taskbar change

Microsoft has released a new Windows 11 build, 26120.1542, for Windows Insider Program participants in the Dev Channel, identified under KB5041872. The update enhances the Widgets feature on the taskbar, introduces a new position for the Widgets entry-point, and adds taskbar navigation enhancements. It also includes bug fixes such as improvements to text suggestions for hardware keyboards, a fix for the emoji panel, and corrections in the Registry Editor. General fixes address issues with adding languages, driver vulnerability updates, Group Policy Preferences, DNS security, PowerShell and VBScript limitations, and BitLocker firmware update failures. Known issues include a repair version notice for certain users and potential crashes in Task Manager.

Winsage

August 14, 2024

Windows Server August updates fix Microsoft 365 Defender issue

Microsoft resolved an issue affecting Microsoft 365 Defender (Defender XDR) that arose after the July 2024 Windows Server updates, specifically impacting Windows Server 2022 and disrupting the Network Detection and Response (NDR) service. This disruption also affected other Defender functionalities reliant on NDR, such as Incident Response and Device Inventory. The issue was addressed by Windows updates released on August 13, 2024 (KB5041160) and later. Users are advised to install the latest updates for crucial improvements. Additionally, Microsoft fixed another issue causing LPD printing jobs to fail across Windows Server 2022, 2019, and 2016 systems after the July 2024 updates. An emergency fix was also deployed in May for Windows Server 2019 to resolve 0x800f0982 errors. Earlier in May, Microsoft addressed issues disrupting VPN connections, unexpected reboots of domain controllers, and NTLM authentication failures after April's updates. However, a lingering bug affecting remote desktop connections on Windows Server 2012 and later continues to cause intermittent logon session losses, requiring reconnections.

Winsage

August 13, 2024

Patch Tuesday update (KB5041571) hits Copilot+ PCs running Windows 11 24H2

Microsoft has released KB5041571 for Windows 11 24H2 users with Copilot+ PCs, updating systems to Build 26100.1457. This update addresses security issues and includes improvements from update KB5040529. Key changes include the removal of the “Use my Windows user account” checkbox on the lock screen for Wi-Fi connections, elimination of the NetJoinLegacyAccountReuse registry key, application of Secure Boot Advanced Targeting (SBAT) to prevent vulnerable Linux EFI from executing, and enhancements to DNS server security to address CVE-2024-37968. A servicing stack update (KB5041575) has also been released to improve the installation process for Windows updates. There is a known issue affecting Arm device users unable to download and play Roblox via the Microsoft Store, with a workaround available to download directly from the Roblox website. The update can be downloaded from the Microsoft Catalog or accessed through Windows Update.

AppWizard

July 27, 2024

You Need To Stop Using Telegram Messenger. Here’s Why – SlashGear

End-to-end encryption is not enabled by default on Telegram, which uses server-client encryption instead.

AppWizard

July 22, 2024

Ask Jerry: Why does Google push out updates and new features so slowly?

Google slowly rolls out software changes to prevent global chaos caused by a single bad update, unlike what happened with a Microsoft Windows outage due to a third-party software vendor's update.

Winsage

July 15, 2024

June Windows Server updates break Microsoft 365 Defender features

- Microsoft released an out-of-band update to fix a bug that caused Azure Synapse SQL Serverless Pool databases to go on a "Recovery pending" state - The bug affects environments using Customer-Managed Key (CMK) and Azure Synapse dedicated SQL pool - Another issue caused by the same update prevents users from changing their account profile pictures - An emergency fix was pushed to Windows Server 2019 systems to address a bug causing 0x800f0982 errors when installing security updates - Microsoft also fixed known issues that broke VPN connections, triggered domain controller reboots, and caused NTLM authentication failures after installing Windows Server security updates

Winsage

June 19, 2024

CVE-2024-4577: PHP Injection Vulnerability in Windows Server

A critical security flaw impacting PHP, identified as CVE-2024-4577, allows for remote code execution on Windows operating systems. The vulnerability bypasses previous protections and affects all PHP versions. Exploitation attempts were detected within 24 hours of disclosure, emphasizing the need for users to apply the latest patches. XAMPP installations on Windows using specific languages are particularly vulnerable. To determine vulnerability, administrators can check server configurations and take preventive measures such as updating PHP, disabling CGI features, and modifying server configurations.