Soluții

Configuring Citrix Netscaler for SharePoint SSL Offloading

The scenario was SSL (HTTPS) connections from the outside of a company to their SharePoint site are required – so no HTTP connections. But inside the company it is all HTTP connections to different SharePoint sites! Therefore SharePoint has been set up such that the Citrix Netscaler is doing SSL Offloading and presenting a HTTP connection to SharePoint, but that SharePoint knows to return HTTPS in all the URL’s so that connections from outside remain working.

[mai mult...]

Print Spooler Service Nightmares for Domain Controllers

Compromised Domain Controllers are every Active Directory admin’s nightmare. However, Domain Controllers now have nightmares of their own … all through their Print Spooler services.

The vulnerability known as CVE-2021-1675 was believed to be fixed as part of the June 2021 cumulative updates. However, it has now been weaponized to elevate a standard domain user’s privileges to SYSTEM privileges on a Domain Controller. This trumps the entire privilege structure on Domain Controllers, undermining confidentiality, integrity and availability within Active Directory.

The code to compromise a fully patched Windows Server 2019-based Domain Controller was published publicly this Wednesday, making CVE-2021-1675 a zero-day vulnerability. As it is common for these types of vulnerabilities, it has a nickname: PrintNightmare.

[mai mult...]