During my time at Microsoft, I had the opportunity to work with some of the most innovative technologies in the industry. One of those technologies was Native VHD Boot, which I had the chance to explore during the beta testing phase of Windows 7 back in 2008. At the time, very little information was available to the public about this groundbreaking technology.
Continue readingCategory: Windows (Page 5 of 5)
During a recent 3-month security course, I was asked on my exam to construct a Security Descriptor Definition Language (SDDL) string for a Windows object. While I was able to come up with a valid string, the experience left me curious to explore the full extent of what SDDL could do. As I delved deeper into the topic, I discovered that SDDL is a powerful tool for managing permissions on Windows objects, allowing you to fine-tune access controls with precision. In this blog post, I’ll share my journey with SDDL, exploring its ins and outs, and demonstrating how you can use it to control access to various Windows objects, including services and folders.
Continue reading
Privilege escalation is a common attack vector used by attackers to gain higher levels of access to a computer system. One type of privilege escalation attack is the “Unquoted Service Path“, which is a vulnerability that exists in Windows operating systems. This type of attack can allow a threat actor to execute malicious code with elevated privileges, which can have serious consequences such as data theft or a complete system compromise. In this blog post, I’ll delve into the mechanics of Unquoted Service Path attacks and how they can be prevented. Understanding these types of attacks and how to defend against them is critical for protecting computer systems and sensitive data.
Continue reading
I sometimes get nostalgic about the technology that was hot and happening a few years ago, this is especially true for Windows To Go. A nice little piece of technology that allows Windows to boot from a specially crafted USB stick. When it was introduced, it required specific USB pen drives as, at the time, USB equipped with internal fast storage was not really that common. Compared to what’s available now it was very expensive and limited to a few vendors. Although the UI for creating a WTG pen drives has been removed it’s really not that hard to manually create one.
Continue reading
The Windows operating systems from its humble beginning up to the point where it is today has gone through tremendous chances to battle all the emerging security threads. Among those are the most rudimentary forms of disruption up to the very sophisticated state sponsored attacks which can lead to the destabilization of society. As the saying goes in the industry, it’s always a rat race.
Continue reading
A couple of days ago I had to deal with a situation where our vulnerability tool was complaining that the root certificate store wasn’t updated for a while. This process runs every 7 days, so it takes some time before you will notice any error messages, as was in my case. After doing some research it turned out that the update service for the Microsoft root certificate program was blocked. That in turn triggered me to dig into the more technical side of the Microsoft Root certificate program.
Continue reading
In the previous blog post I wrote about how to join a Ubuntu 22.04 machine to a Microsoft Active Directory domain. In this follow up post I want to dive a little deeper into the configuration files, a bug I ran into during testing and setting some advanced security settings for access management. The latter is crazy easy actually, keep on reading.
Continue reading