All posts tagged authentication

November 2024 Microsoft Security Updates and DirectAccess

With the November 2024 security updates, Microsoft disclosed a vulnerability (CVE-2024-43639) in the Windows Server KDC Proxy service. This is a Remote Code Execution (RCE) vulnerability with a max severity rating of Critical. If you still use Microsoft DirectAccess for remote access, you’ll want to pay close attention to this bulletin.

KDC Proxy and DirectAccess

When DirectAccess is installed and configured, the KDC Proxy Service is enabled automatically and by default. By design, DirectAccess servers are exposed to the Internet, which significantly increases the risk of this vulnerability. Organizations that have deployed DirectAccess are encouraged to update their systems immediately.

Workaround

There is no known workaround available at this time. Apply the latest security updates to mitigate this risk.

Additional Information

Windows KDC Proxy Remote Code Execution Vulnerability

Microsoft DirectAccess Formally Deprecated

Leave a comment
by Richard M. Hicks on November 14, 2024  •  Permalink
Posted in Active Directory, authentication, CVE, DirectAccess, Enterprise, Infrastructure, KDC Proxy, Microsoft, Operational Support, Remote Access, Security, Security Update, Update, Vulnerability
Tagged , , , , , , , , , , , ,

Posted by Richard M. Hicks on November 14, 2024

https://directaccess.richardhicks.com/2024/11/14/november-2024-microsoft-security-updates-and-directaccess/

Free Entra Certificate-Based Authentication Training Course

I’m pleased to announce I’ll present a FREE online training course on Microsoft Entra Certificate-Based Authentication (CBA). The course will be delivered through the ViaMonstra Online Academy on Wednesday, November 6, beginning at 10:00 AM CST. Once again, this training course is entirely FREE, so don’t hesitate to register now! If you can’t attend the live session, you can always view the presentation recording later.

Course Highlights

Join me for this 90-minute live, online training session where you will learn:

  • How certificate-based authentication offers more robust protection than passwords alone and mitigates phishing and MFA bypass risks
  • How Entra CBA enables a seamless, passwordless user experience while maintaining high security and assurance
  • How Entra CBA eliminates the need for physical authentication devices such as FIDO keys or security tokens, reducing costs and complexity
  • How to configure and manage affinity binding and authentication strength policies for Entra CBA

When you attend the live event, you’ll have the opportunity to ask questions directly during the presentation, so be sure to register today and join us for this free training session!

Additional Information

Mini-Course – Microsoft Entra Certificate-Based Authentication

Leave a comment
by Richard M. Hicks on October 14, 2024  •  Permalink
Posted in Active Directory Certificate Services, AD CS, ADCS, administration, authentication, Azure Active Directory, Azure Conditional Access, CBA, Certificate Authentication, Certificate Authority, Certificate Services, Certificate-Based Authentication, certificates, cloud, Cloud PKI, Cloud Service, Compliance, Conditional Access, Cryptography, Device Management, education, Encryption, Enterprise, Entra CBA, Entra Certificate-Based Authentication, Infrastructure, learning, MFA, Microsoft, Microsoft Entra, Microsoft Entra ID, Microsoft Intune, Mobile Device Management, Multifactor Authentiction, Operational Support, PKI, public cloud, public key infrastructure, SCEP, Security, Simple Certificate Enrollment Protocol, systems management, TPM, Training, Trusted Platform Module, webinar, Windows 10, Windows 11
Tagged , , , , , , , , , , , , , , , , , , ,

Posted by Richard M. Hicks on October 14, 2024

https://directaccess.richardhicks.com/2024/10/14/free-entra-certificate-based-authentication-training-course/

« Older Posts
Newer Posts »