Categories: US-Cert-Repository

Required Group Policy Preference Actions for Microsoft Security Bulletin MS14-025

US-CERT is aware of continued exploitation of insecurely stored passwords in Group Policy Preferences, due to incomplete implementations of Microsoft Security Bulletin MS14-025. Systems may still be vulnerable to exploitation if administrators have not cleared all previously stored passwords from their environment. An attacker may decrypt these passwords and use them to gain escalated privileges.

US-CERT strongly recommends that administrators employ the PowerShell script provided in Microsoft Knowledge Base Article 2962486 and follow the included instructions for clearing all “CPassword” preferences from their environment.

This product is provided subject to this Notification and this Privacy & Use policy.

admin

Next Mozilla Releases Security Updates for Firefox, Firefox ESR, and Firefox OS »

Previous « Best Practices to Protect You, Your Network, and Your Information

This website uses cookies.

Required Group Policy Preference Actions for Microsoft Security Bulletin MS14-025

Recent Posts

CISA Releases Six Industrial Control Systems Advisories

CISA Adds Four Known Exploited Vulnerabilities to Catalog

Joint Advisory Issued on Protecting Against Interlock Ransomware

CISA Adds One Known Exploited Vulnerability, CVE-2025-53770 “ToolShell,” to Catalog

Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770)

CISA Adds One Known Exploited Vulnerability to Catalog