KRBTGT Account Password Reset Scripts available for download

KerberosThis is something worth mentioning. In the times of Pass-the-Hash credential theft, Golden Tickets and mitigating the risks around Kerberos authentication, Microsoft has released a very helpful script to automate things. The script resets the password of the krbtgt account. This in effect invalidates and reduces the lifetime of issued Kerberos tickets. This, in turn, mitigates the risks involved in a situation where a ticket is possibly compromised. This doesn’t prevent the attacker from gaining access to your domain again, so this is by no means any sort of all-in-one solution.

I tried this in my enterprise scale lab (2 DC’s, 5 servers, 3 clients :)) with no problems. Very helpful and a great chance to learn something. Go on, try it out. But be aware, in a production environment, make sure you know what you are doing. Otherwise, you might end up bringing your entire domain to its knees. There’s a Word document describing the usage, so make sure to read that. There’s also no harm in taking a peek in the actual script as it seems to have no rocket science in it.

Get the goods in the blog post by Tim Rains in the Cyber Trust Blog.

MS14-045 (KB2993651) Fixed and Re-released

Sadly Microsoft has been providing faulty updates this past year. Even I blogged about one a while back. This month, the crappy update was MS14-045, KB2993651. As the web piled up with reports of Blue Screens of Death and other problems, after a few days MS pulled the faulting update from the Windows Update Catalog and recommended uninstalling it even from successful deployments. Good for those who hadn’t installed it yet, bad for those who’d already approved it for install in WSUS or other deployment solutions. Blue screens caused my monthly updates are not what you want for your machines. Continue reading

Security Update for Windows Server 2012 R2 (KB2920189) – Install Fails with Error Code 0x800F0922

A faulting security update was released on Patch Tuesday this month (May 13th). I wonder how this has been able to fly under the radar through testing? As the following support article states, you receive Error Code 0x800f0922 when you try to install this security update. Continue reading