This video goes over the vulnerability and how to fix it. Please Like and Subscribe by clicking here: studio.ua-cam.com/channels/39GKRsNps38x7UzydcOZ9w.html Follow me on Twitter: twitter.com/NielsenNTWKING
Hey Nielsen, great to have helpful videos like that, well done :) Another person asked this as well: What can go wrong? One thing for me would "already" be that the servers need a restart (not that it's not possible, just that it has to be scheduled right). Did you hear about any complains that the cert padding check breaks things?
I have implemented these changes on numerous servers and never had an issue. *knocks on wood*. Yes, you would want to reboot during a planned maintenance.
@@NNAdmin Great News Nielsen, Thank you for the quick reply! :) * Knocking on wood * there as well, if something goes wrong against all odds, I will try to remember to leave another comment here :D
Windows kerberos RC4-HMAC elevation of privilege vulnerability. CVE-2022-37966 Windows server 2019 .. Remediation:- Update windows server 2019 to version 10.0.17763.3650 Can you plz let me know the steps to fix this vulnerability.
I created that text file and pest that registery key setting, saving text file with name of - wintrust.reg , but this file icon not changing, its simply showing as a text file .. and when i am right click on that file , i dont find out that Merge option.. Can you plz help me .
Sounds like it's still a text file. Can you enable showing file extension? Windows 10: Open File Explorer; if you do not have an icon for this in the task bar; click Start, click Windows System, and then File Explorer. Click the View tab in File Explorer. Click the box next to File name extensions to see file extensions. Click the box next to Hidden items to see hidden files. Then see if the file has a .reg extension?
I have a question on this. We received a vulnerability report at my company for one server that has this issue but ALL of our serves across our environments do not have the wintrust reg path - is this worth even doing? Our servers run server 2016 datacenter.
Yes, I would think you would want to create the path and add the key. That said, if your goal is to stay off the report, and you're not showing on the report, then maybe you don't, but that would be your call.
Hi Good afternoon I followed the steps and apply your recomendations. One doubt ? I rebooted the server after this recomendattions. after the reboot i must run the "How to disable the functionality. Perform the following to delete the registry value previously added" , or is not necessary. regards.
Not that I am aware, but check this article out for more specifics on authenticode. learn.microsoft.com/en-us/security-updates/securityadvisories/2014/2915720
This video goes over the vulnerability and how to fix it.
Please Like and Subscribe by clicking here: studio.ua-cam.com/channels/39GKRsNps38x7UzydcOZ9w.html
Follow me on Twitter: twitter.com/NielsenNTWKING
Thank you for posting this. This just popped up on my vulnerability scanner for some older devices and your video validated what I have been reading
Glad it helped
I searched into many webpages and nothing like this video, thanks a lot.
Welcome 👍
Hey Nielsen, great to have helpful videos like that, well done :)
Another person asked this as well: What can go wrong?
One thing for me would "already" be that the servers need a restart (not that it's not possible, just that it has to be scheduled right).
Did you hear about any complains that the cert padding check breaks things?
I have implemented these changes on numerous servers and never had an issue. *knocks on wood*. Yes, you would want to reboot during a planned maintenance.
@@NNAdmin Great News Nielsen, Thank you for the quick reply! :)
* Knocking on wood * there as well, if something goes wrong against all odds, I will try to remember to leave another comment here :D
ur the goat man 🙏
Great Stuff Nielsen.Thanks
Glad you enjoyed it
Awesome, thank you.
You're welcome!
Awesome stuff, thank you!
Glad you liked it!
Very Helpful!!
I'm glad!
Windows kerberos RC4-HMAC elevation of privilege vulnerability.
CVE-2022-37966
Windows server 2019 ..
Remediation:- Update windows server 2019 to version 10.0.17763.3650
Can you plz let me know the steps to fix this vulnerability.
I believe there is a MS patch for this?
I am trying to fix this but its not working. Can you plz help me ..
I am from India.
I replied below.
Hi Nielsen, Thanks for the video its really helpful, just need to ask what if we have multiple servers like more than 100?
Thanks for the nice comments, you would need push out the registry keys via GPO, Intune or some other desktop management software.
@@NNAdmin got it thanks 🙂
This one for which purpose and where is effected
I am not certain what you mean? But it's for CVE-2013-3900 and it affects certain hardware/software.
Thank you. One question. For a windows Server, need restara? or not necesary?
Yes, for the changes to be active.
I created that text file and pest that registery key setting, saving text file with name of - wintrust.reg , but this file icon not changing, its simply showing as a text file .. and when i am right click on that file , i dont find out that Merge option..
Can you plz help me .
Sounds like it's still a text file. Can you enable showing file extension?
Windows 10:
Open File Explorer; if you do not have an icon for this in the task bar; click Start, click Windows System, and then File Explorer.
Click the View tab in File Explorer.
Click the box next to File name extensions to see file extensions.
Click the box next to Hidden items to see hidden files.
Then see if the file has a .reg extension?
@@NNAdmin... I want to know this ... I m the only person in my project ... I need help ..
Microsoft odbc driver remote code execution vulnerability.
CVE-2024-21440
Can you plz let me know how to fix this vulnerability. ?
I believe there is a MS patch for this?
Can you plz tell exact patch KB details.
Thank you very nhiều :D
Thank you my friend 😉
Anytime, glad to help!
@@NNAdmin do you have account on Skype 🥺
I have a question on this. We received a vulnerability report at my company for one server that has this issue but ALL of our serves across our environments do not have the wintrust reg path - is this worth even doing? Our servers run server 2016 datacenter.
Yes, I would think you would want to create the path and add the key. That said, if your goal is to stay off the report, and you're not showing on the report, then maybe you don't, but that would be your call.
Hi Good afternoon I followed the steps and apply your recomendations. One doubt ? I rebooted the server after this recomendattions. after the reboot i must run the "How to disable the functionality. Perform the following to delete the registry value previously added" , or is not necessary. regards.
No need to delete any registry keys.
Is there any effect on OS functionality on production while applied this on regedit?
Not that I am aware, but check this article out for more specifics on authenticode.
learn.microsoft.com/en-us/security-updates/securityadvisories/2014/2915720