Information, help and guides with a focus on Microsoft technologies
Migrated from old website (first published Jan 14, 2020) As written today on Forbes and confirmed by Microsoft, big spoofing vulnerability in the CryptoAPI was found by NSA in Windows 10, Server 2016 and Server 2019. The CryptoAPI, (crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. I recommend you to install todays security patch for Windows... Continue Reading →
Migrated from old website (first published Jul 24, 2019) As Microsoft already communicated in October 2017 (MC124104), December 2017 (MC126199) and February 2018 (MC128929), they announced again the move of all their online services to Transport Layer Security (TLS) 1.2+ to provide best-in-class encryption, and to ensure their service is more secure by default. In... Continue Reading →
Migrated from old website (first published Nov 19, 2018) Actually, there are some issues when users want to connect to Azure and Office 365 resources. If they have multi-factor authentication enabled, they aren't able to login, because Microsoft has a bigger problem with the service, as they write on the status pages. As Microsoft writes... Continue Reading →
Migrated from old website (first published Dec 18, 2017) On December 12th 2017, Microsoft published with the CVE-2017-11932 the Security Update KB4045655 for Exchange 2016 CU6 & CU7 which closes a Spoofing Vulnerability. "A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests. An attacker who... Continue Reading →
Doudisblog 