Category: Security

Exploring Microsoft Security Update information with PowerShell

Posted onLeave a comment

Nowadays regular deployment of security updates is a must, whether at home or within the enterprise. If you are responsible to keep systems up to date you deploy the latest updates as soon as possible.  But it is equally important to understand the vulnerabilities being addressed by these updates. The Microsoft Security Update Guide allows you to find detailed information about security updates. Go to https://portal.msrc.microsoft.com/en-us/ and select “Go to the security update Guide” Next Read More …

How to check if Control Flow Guard is enabled

Posted onLeave a comment

How to check if Control Flow Guard is enabled Control Flow Guard helps mitigate exploits that are based on flow between code locations in memory. Control Flow Guard (CFG) is a mitigation that requires no configuration within the operating system, but instead is built into software when it’s compiled. So how to check if an Application is Control Flow Guard is enabled? For my own testing purposes I created two executables one called ConsoleApplication1.exe that Read More …

PowerShell Script – Get-IscMSSecBulletinInfo

Posted onLeave a comment

Hey there, the Internet Storm Center recently extended their Rest API with some features for Microsoft Patch Data. So where there is a REST API, there’s an opportunity for a PowerShell Script.  The Get-IscMSSecBulletinInfo can be found here: https://github.com/alexverboon/posh/blob/master/Security/Get-IscMSSecBulletinInfo.ps1 Cheers /Alex

No MBSA for Windows 8 planned

Posted on1 Comment

Many companies and individuals use the Microsoft Baseline Security Analyzer (MBSA) to assess the security state of their Windows Clients. But according to a statement from Microsoft in their August 2012 Security Bulletin, there are currently no plans to release an updated version for Windows 8. Q: Will the current version of MBSA support Windows 8? A: No, the current version of MBSA will not support Windows 8 and Microsoft currently has no plans to Read More …

How the Windows Defender Offline Beta Tool works

Posted on2 Comments

In addition to the Microsoft Security Essentials software and the Microsoft Safety Scanner Microsoft just recently released another FREE antimalware removal product called the Windows Defender Offline Beta. While Security Essentials and Safety Scanner run within Windows, the purpose of the  Windows Defender Offline Tool is to run offline from bootable USB or CD/DVD media. In fact the tool isn’t really something new, those familiar with the Microsoft Desktop Optimization Pack Suite (MDOP) which includes Read More …

Running an Application as Administrator or in Compatibility Mode

Posted on13 Comments

Today someone in a forum asked how to programmatically configure an application so that it runs in compatibility mode. Configuring this manually is easy, just open the file’s properties, select the Compatibility tab and apply the required settings. On Windows 7 this then looks as shown in the picture below. Now whatever we configure here, it all gets written to the following location in the Windows Registry: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers If the settings have to apply Read More …

GPO Settings for Microsoft Security Essentials

Posted onLeave a comment

With the release of the latest version of Microsoft Security Essentials 2.0 in December 2010, Microsoft also changed the licensing terms. Small Business. If you operate a small business, then you may install and use the software on up to ten (10) devices in your business. Now although 10 PCs isn’t a lot, some Administrators might be interested in configuring their Microsoft Security Essential clients with a GPO. Fabien Duchene has created an Administrative template Read More …

A Security Baseline Resource for Windows 7–Internet Explorer and Windows 7 Firewall

Posted onLeave a comment

If you are looking for some ideas how to secure your Windows 7 clients, have a look at the USGCB (The United States Government Configuration Baseline). The USGCB has been developed by the Department of Defense (DoD) and the National Institute of Standards and Technology. The documentation looks impressive and even if you aren’t going to apply all of these 1-1, it might give you some ideas on how to make your clients more secure. Read More …

Automated Microsoft Security Essentials Installation

Posted on7 Comments

For all those that frequently setup test machines and get tired of manually installing the Microsoft Security Essentials 2.0, here’s a straight forward batch file (even a regular user could use) that does the following: Downloads the Microsoft Security Essential 2.0 (x86) installation source file Installs Microsoft Security Essentials 2.0 Downloads and updates the virus definition signature file   [sourcecode language=”plain”] @ECHO OFF Echo Downloading Microsoft Security Essentials 2.0 (x86) start /wait bitsadmin /TRANSFER MSE20 Read More …

ReadTip: How to use Group Policy Preferences to Secure Local Administrator Groups

Posted on2 Comments

As we come to the year’s end I was doing some housekeeping in my home lab. Too many unused VMs, ad-hoc created Accounts etc. In the end I thought why not apply the same methods we apply within our enterprise environments and so I did. I was actually just about to blog how I solved the local Administrators group management through group policy preferences, but before I started writing that down I thought let’s see Read More …