More Microsoft Guidance on MS16-072

So Microsoft PFE team have just released a blog called “Who broke my user GPO?” which is rather ironically title as the answer was “Microsoft did”. But anyhow, this new post has a detail description of the problem and what can be done to fix the issues and what to do if you have AGPM …

Continue reading ‘More Microsoft Guidance on MS16-072’ »

Official Microsoft Guidance for MS16-072 Breaking Security Patch

Microsft has just published a post about the MS16-072 hotfix that was release this month. Needless to say there has been a lot of organisation caught off guard by this change wanting to know how to fix the problem. However what is also more confusing is there are actaully two different ways to fix this …

Continue reading ‘Official Microsoft Guidance for MS16-072 Breaking Security Patch’ »

How to fix broken GPO because of MS16-072

So as many of you may know, yesterday Microsoft released a security hotfix that changed the behavior of Group Policy. Put simply if you have a security group filtered User Group Policy Object and you also removed the “Authenticated Users” group from the policy it will no longer apply after you install MS16-072. In light …

Continue reading ‘How to fix broken GPO because of MS16-072’ »

Updated – MS16-072 may break your User Group Policies “by-design”

This is a PSA for all Group Policy administrator about MS16-072 that was release yesterday. This patch fixed a man in the middle attack using Group Policy Update however it appears that it has also changed the behavior that Group Policy is applied. If you have a security filtered group policy that are applied to …

Continue reading ‘Updated – MS16-072 may break your User Group Policies “by-design”’ »

MS16-072 – Important: Security Update for Group Policy (3163622) – Version: 1.0

Severity Rating: ImportantRevision Note: V1.0 (June 14, 2016): Bulletin published.Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker launches a man-in-the-middle (MiTM) attack against the traffic passing between a domain controller and the target machine . from Microsoft Security Content via IFTTT