This is almost too sick to be true: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0295
Summary: windows server 2016 allows any user to pre-seed the template for new user profiles with malware in the autostart folder, all due to negligence@microsoft.com - Incredible. Think of terminal servers!
Summary: windows server 2016 allows any user to pre-seed the template for new user profiles with malware in the autostart folder, all due to negligence@microsoft.com - Incredible. Think of terminal servers!
2 Comments
Comment
They did not put a date on this (that I could see) but implicated Windows 10 Creator Update as well.
Now there was a fair sized out-of-band Windows 10 Creator Update this afternoon (now build 15062.502 up from 483 yesterday).
My guess is that Server 2016 got updated as well (but I do not know for sure).
Yet one more reason to keep current on updates.
Now there was a fair sized out-of-band Windows 10 Creator Update this afternoon (now build 15062.502 up from 483 yesterday).
My guess is that Server 2016 got updated as well (but I do not know for sure).
Yet one more reason to keep current on updates.
Active today
Hi John.
"Yet one more reason to keep current on updates" - I'd rather call it "one more reason to use applocker". Patches alone don't help. Also, the issue is not fully fixed by the patch. The startup folder is blocked for writing after the patch, but the rest of the profile is not. So still users can place malicious in the start menu template for new users. Microsoft is too lame to see.
This is true for server 2016 and any win10 system that is or has has ever been on v1607. See https://beingwinsysadmin.blogspot.de/2017/07/bug-windows-10-default-user-profile-is.html for the whole story.
"Yet one more reason to keep current on updates" - I'd rather call it "one more reason to use applocker". Patches alone don't help. Also, the issue is not fully fixed by the patch. The startup folder is blocked for writing after the patch, but the rest of the profile is not. So still users can place malicious in the start menu template for new users. Microsoft is too lame to see.
This is true for server 2016 and any win10 system that is or has has ever been on v1607. See https://beingwinsysadmin.blogspot.de/2017/07/bug-windows-10-default-user-profile-is.html for the whole story.
Recommended Posts
So this year I decided it was really about time I applied for the
@vExpert subprograms, and guess what! I'm in! So Thanks to our Programme Manager![2024-vExpert-PRO.png]()
![2024-vExpert-vSAN.png]()
![2024-vExpert-vSphere.png]()
![vexpert-badge-stars-2024.png]()
![vexpert-badge-year-2024.png]()
@vCommunityGuy and Sub Programme Business Units!
@vExpert subprograms, and guess what! I'm in! So Thanks to our Programme Manager
@vCommunityGuy and Sub Programme Business Units!
Exchange Server Roadmap Update.
MS have moved the release date for the next version of Exchange Server to the second half of 2025.
It requires Server and CAL licenses and will be accessible only to customers with Software Assurance,
https://techcommunity.microsoft.com/t5/exchange-team-blog/exchange-server-roadmap-update/ba-p/3421389
MS have moved the release date for the next version of Exchange Server to the second half of 2025.
It requires Server and CAL licenses and will be accessible only to customers with Software Assurance,
https://techcommunity.microsoft.com/t5/exchange-team-blog/exchange-server-roadmap-update/ba-p/3421389
