CERT mailing list archives

Previous By Date Next
Previous By Thread Next

Required Group Policy Preference Actions for Microsoft Security Bulletin MS14-025

From: "US-CERT" <US-CERT () ncas us-cert gov>
Date: Fri, 07 Aug 2015 11:06:45 -0500
NCCIC / US-CERT

National Cyber Awareness System:

Required Group Policy Preference Actions for Microsoft Security Bulletin MS14-025 [ 
https://www.us-cert.gov/ncas/current-activity/2015/08/07/Required-Group-Policy-Preference-Actions-Microsoft-Security ] 
08/07/2015 11:43 AM EDT 
Original release date: August 07, 2015

US-CERT is aware of continued exploitation of insecurely stored passwords in Group Policy Preferences, due to 
incomplete implementations of Microsoft Security Bulletin MS14-025 [ 
http://technet.microsoft.com/library/security/ms14-025 ]. Systems may still be vulnerable to exploitation if 
administrators have not cleared all previously stored passwords from their environment. An attacker may decrypt these 
passwords and use them to gain escalated privileges.

US-CERT strongly recommends that administrators employ the PowerShell script provided in Microsoft  Knowledge Base 
Article 2962486 [ http://support.microsoft.com/en-us/kb/2962486 ] and follow the included instructions for clearing all 
"CPassword" preferences from their environment.

________________________________________________________________________

This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy 
& Use [ http://www.us-cert.gov/privacy/ ] policy.

________________________________________________________________________

A copy of this publication is available at www.us-cert.gov [ https://www.us-cert.gov ]. If you need help or have 
questions, please send an email to info () us-cert gov. Do not reply to this message since this email was sent from a 
notification-only address that is not monitored. To ensure you receive future US-CERT products, please add US-CERT () 
ncas us-cert gov to your address book. 

OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ 
http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ 
http://www.us-cert.gov/related-resources ] 

STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]
Previous By Date Next
Previous By Thread Next

Current thread: