Categories: US-Cert-Repository

Required Group Policy Preference Actions for Microsoft Security Bulletin MS14-025

Original release date: August 07, 2015

US-CERT is aware of continued exploitation of insecurely stored passwords in Group Policy Preferences, due to incomplete implementations of Microsoft Security Bulletin MS14-025. Systems may still be vulnerable to exploitation if administrators have not cleared all previously stored passwords from their environment. An attacker may decrypt these passwords and use them to gain escalated privileges.

US-CERT strongly recommends that administrators employ the PowerShell script provided in Microsoft  Knowledge Base Article 2962486 and follow the included instructions for clearing all “CPassword” preferences from their environment.

This product is provided subject to this Notification and this Privacy & Use policy.

admin

Leave a Comment
Share
Published by
admin
11 years ago

Recent Posts

MyDoom.B Virus

Systems Affected   Any system running Microsoft Windows (Windows 95 and newer) that are used…

3 weeks ago

Multiple Vulnerabilities in Microsoft Internet Explorer

Systems Affected   Microsoft Windows systems running Internet Explorer 5.01 Internet Explorer 5.50 Internet Explorer…

3 weeks ago

HTTP Parsing Vulnerabilities in Check Point Firewall-1

Systems Affected   Check Point Firewall-1 NG FCS Check Point Firewall-1 NG FP1 Check Point…

4 weeks ago

Multiple Vulnerabilities in Microsoft Windows

Systems Affected   Systems running Microsoft Windows   Overview   Microsoft Windows contains multiple vulnerabilities,…

4 weeks ago

Vulnerability in Microsoft Outlook 2002

Systems Affected   Systems running Microsoft Office XP and Outlook 2002   Overview   There…

4 weeks ago

Multiple Vulnerabilities in OpenSSL

Systems Affected   Applications and systems that use the OpenSSL SSL/TLS library   Overview  …

4 weeks ago

This website uses cookies.