Advisory Microsoft Updates – April 2020

Total Page:16

File Type:pdf, Size:1020Kb

Advisory Microsoft Updates – April 2020 Advisory Microsoft Updates – April 2020 aeCERT One of Telecommunications Regulatory Authority (TRA) Initiatives P O Box 116688, Dubai, United Arab Emirates (UAE) www.aecert.ae | www.tra.gov.ae Version: 1.0 Ref: ADV-20-032 Document Date: 15/04/2020 Document Details Disclaimer Whilst every effort has been made to ensure the accuracy of the information contained within this report, aeCERT and the TRA bear no liability or responsibility for any recommendations issued or inadvertent damages that could be caused by the recipient of this information. Accessing third-party links in this advisory will direct you to an external website. Please note that aeCERT bears no responsibility for third-party website traffic. aeCERT will have no liability to the entities for the content or use of the content available through the hyperlinks that are referenced. Contents Contents 1 Summary 2 Details 2 Recommendations 11 References 11 1 | P a g e Summary aeCERT has received the latest Microsoft security updates that aim to patch recent vulnerabilities discovered in their system. The release has an impact on some of Microsoft’s products. In order to protect windows from security risks, users should patch their systems as soon as possible. Details Microsoft has released the monthly security updates for the month of April. This update discloses different vulnerabilities present in many of Microsoft’s products. This patch is related to 113 vulnerabilities with three of them being zero-day vulnerabilities: • 15 of the vulnerabilities are considered critical. • 93 are considered important. • 3 are considered moderate. • 2 are considered low. The two zero-day vulnerabilities that are currently being seen actively exploited in attacks are as follows: • CVE-2020-0938 - Adobe Font Manager Library Remote Code Execution Vulnerability • CVE-2020-1020 - Adobe Font Manager Library Remote Code Execution Vulnerability The two zero-day vulnerabilities that have been publicly disclosed are as follows: • CVE-2020-0935 - OneDrive for Windows Elevation of Privilege Vulnerability • CVE-2020-1020 - Adobe Font Manager Library Remote Code Execution Vulnerability Further information about zero-day vulnerabilities can be found here. 2 | P a g e The table below illustrates a list of resolved vulnerabilities for April 2020’s Patch Tuesday Microsoft updates. Tag CVE ID CVE Title Severity Android App CVE-2020-0943 Microsoft YourPhone Application for Android Important Authentication Bypass Vulnerability Apps CVE-2020-1019 Microsoft RMS Sharing App for Mac Elevation of Important Privilege Vulnerability Microsoft CVE-2020-1050 Microsoft Dynamics 365 (On-Premise) Cross Site Important Dynamics Scripting Vulnerability Microsoft CVE-2020-1018 Microsoft Dynamics Business Central/NAV Information Important Dynamics Disclosure Microsoft CVE-2020-1049 Microsoft Dynamics 365 (On-Premise) Cross Site Important Dynamics Scripting Vulnerability Microsoft CVE-2020-1022 Dynamics Business Central Remote Code Execution Critical Dynamics Vulnerability Microsoft CVE-2020-0952 Windows GDI Information Disclosure Vulnerability Important Graphics Component Microsoft CVE-2020-0938 Adobe Font Manager Library Remote Code Execution Important Graphics Vulnerability Component Microsoft CVE-2020-0687 Microsoft Graphics Remote Code Execution Critical Graphics Vulnerability Component 3 | P a g e Microsoft CVE-2020-0987 Microsoft Graphics Component Information Disclosure Important Graphics Vulnerability Component Microsoft CVE-2020-1004 Windows Graphics Component Elevation of Privilege Important Graphics Vulnerability Component Microsoft CVE-2020-1005 Microsoft Graphics Component Information Disclosure Important Graphics Vulnerability Component Microsoft CVE-2020-0958 Win32k Elevation of Privilege Vulnerability Important Graphics Component Microsoft CVE-2020-0907 Microsoft Graphics Components Remote Code Critical Graphics Execution Vulnerability Component Microsoft CVE-2020-0982 Microsoft Graphics Component Information Disclosure Important Graphics Vulnerability Component Microsoft CVE-2020-0964 GDI+ Remote Code Execution Vulnerability Important Graphics Component Microsoft CVE-2020-1020 Adobe Font Manager Library Remote Code Execution Important Graphics Vulnerability Component Microsoft CVE-2020-0784 DirectX Elevation of Privilege Vulnerability Important Graphics Component Microsoft JET CVE-2020-0995 Jet Database Engine Remote Code Execution Important Database Engine Vulnerability 4 | P a g e Microsoft JET CVE-2020-0999 Jet Database Engine Remote Code Execution Important Database Engine Vulnerability Microsoft JET CVE-2020-0988 Jet Database Engine Remote Code Execution Important Database Engine Vulnerability Microsoft JET CVE-2020-0992 Jet Database Engine Remote Code Execution Important Database Engine Vulnerability Microsoft JET CVE-2020-0994 Jet Database Engine Remote Code Execution Important Database Engine Vulnerability Microsoft JET CVE-2020-0953 Jet Database Engine Remote Code Execution Important Database Engine Vulnerability Microsoft JET CVE-2020-0889 Jet Database Engine Remote Code Execution Important Database Engine Vulnerability Microsoft JET CVE-2020-0959 Jet Database Engine Remote Code Execution Important Database Engine Vulnerability Microsoft JET CVE-2020-0960 Jet Database Engine Remote Code Execution Important Database Engine Vulnerability Microsoft JET CVE-2020-1008 Jet Database Engine Remote Code Execution Important Database Engine Vulnerability Microsoft Office CVE-2020-0979 Microsoft Excel Remote Code Execution Vulnerability Important Microsoft Office CVE-2020-0980 Microsoft Word Remote Code Execution Vulnerability Important Microsoft Office CVE-2020-0984 Microsoft (MAU) Office Elevation of Privilege Important Vulnerability Microsoft Office CVE-2020-0760 Microsoft Office Remote Code Execution Vulnerability Important Microsoft Office CVE-2020-0991 Microsoft Office Remote Code Execution Vulnerability Important Microsoft Office CVE-2020-0961 Microsoft Office Access Connectivity Engine Remote Important Code Execution Vulnerability 5 | P a g e Microsoft Office CVE-2020-0931 Microsoft SharePoint Remote Code Execution Critical Vulnerability Microsoft Office CVE-2020-0906 Microsoft Excel Remote Code Execution Vulnerability Important Microsoft Office CVE-2020-0935 OneDrive for Windows Elevation of Privilege Important Vulnerability Microsoft Office CVE-2020-0927 Microsoft Office SharePoint XSS Vulnerability Critical SharePoint Microsoft Office CVE-2020-0923 Microsoft Office SharePoint XSS Vulnerability Important SharePoint Microsoft Office CVE-2020-0925 Microsoft Office SharePoint XSS Vulnerability Important SharePoint Microsoft Office CVE-2020-0924 Microsoft Office SharePoint XSS Vulnerability Important SharePoint Microsoft Office CVE-2020-0932 Microsoft SharePoint Remote Code Execution Critical SharePoint Vulnerability Microsoft Office CVE-2020-0930 Microsoft Office SharePoint XSS Vulnerability Important SharePoint Microsoft Office CVE-2020-0933 Microsoft Office SharePoint XSS Vulnerability Important SharePoint Microsoft Office CVE-2020-0920 Microsoft SharePoint Remote Code Execution Important SharePoint Vulnerability Microsoft Office CVE-2020-0929 Microsoft SharePoint Remote Code Execution Critical SharePoint Vulnerability Microsoft Office CVE-2020-0971 Microsoft SharePoint Remote Code Execution Important SharePoint Vulnerability Microsoft Office CVE-2020-0975 Microsoft SharePoint Spoofing Vulnerability Important SharePoint 6 | P a g e Microsoft Office CVE-2020-0978 Microsoft Office SharePoint XSS Vulnerability Important SharePoint Microsoft Office CVE-2020-0977 Microsoft SharePoint Spoofing Vulnerability Important SharePoint Microsoft Office CVE-2020-0976 Microsoft SharePoint Spoofing Vulnerability Important SharePoint Microsoft Office CVE-2020-0974 Microsoft SharePoint Remote Code Execution Critical SharePoint Vulnerability Microsoft Office CVE-2020-0973 Microsoft Office SharePoint XSS Vulnerability Important SharePoint Microsoft Office CVE-2020-0972 Microsoft SharePoint Spoofing Vulnerability Important SharePoint Microsoft Office CVE-2020-0954 Microsoft Office SharePoint XSS Vulnerability Moderate SharePoint Microsoft Office CVE-2020-0926 Microsoft Office SharePoint XSS Vulnerability Important SharePoint Microsoft CVE-2020-0968 Scripting Engine Memory Corruption Vulnerability Moderate Scripting Engine Microsoft CVE-2020-0966 VBScript Remote Code Execution Vulnerability Low Scripting Engine Microsoft CVE-2020-0895 Windows VBScript Engine Remote Code Execution Low Scripting Engine Vulnerability Microsoft CVE-2020-0969 Chakra Scripting Engine Memory Corruption Critical Scripting Engine Vulnerability Microsoft CVE-2020-0970 Scripting Engine Memory Corruption Vulnerability Critical Scripting Engine 7 | P a g e Microsoft CVE-2020-0967 VBScript Remote Code Execution Vulnerability Moderate Scripting Engine Microsoft CVE-2020-0942 Connected User Experiences and Telemetry Service Important Windows Elevation of Privilege Vulnerability Microsoft CVE-2020-0965 Microsoft Windows Codecs Library Remote Code Critical Windows Execution Vulnerability Microsoft CVE-2020-0940 Windows Push Notification Service Elevation of Important Windows Privilege Vulnerability Microsoft CVE-2020-0934 Windows Elevation of Privilege Vulnerability Important Windows Microsoft CVE-2020-1029 Connected User Experiences and Telemetry Service Important Windows Elevation of Privilege Vulnerability Microsoft CVE-2020-1011 Windows Elevation of Privilege Vulnerability Important Windows Microsoft CVE-2020-1094 Windows Work Folder Service
Recommended publications
  • Windows Kernel Hijacking Is Not an Option: Memoryranger Comes to The
    WINDOWS KERNEL HIJACKING IS NOT AN OPTION: MEMORYRANGER COMES TO THE RESCUE AGAIN Igor Korkin, PhD Independent Researcher Moscow, Russian Federation [email protected] ABSTRACT The security of a computer system depends on OS kernel protection. It is crucial to reveal and inspect new attacks on kernel data, as these are used by hackers. The purpose of this paper is to continue research into attacks on dynamically allocated data in the Windows OS kernel and demonstrate the capacity of MemoryRanger to prevent these attacks. This paper discusses three new hijacking attacks on kernel data, which are based on bypassing OS security mechanisms. The first two hijacking attacks result in illegal access to files open in exclusive access. The third attack escalates process privileges, without applying token swapping. Although Windows security experts have issued new protection features, access attempts to the dynamically allocated data in the kernel are not fully controlled. MemoryRanger hypervisor is designed to fill this security gap. The updated MemoryRanger prevents these new attacks as well as supporting the Windows 10 1903 x64. Keywords: hypervisor-based protection, Windows kernel, hijacking attacks on memory, memory isolation, Kernel Data Protection. 1. INTRODUCTION the same high privilege level as the OS kernel, and they also include a variety The security of users’ data and of vulnerabilities. Researchers applications depends on the security of consider that “kernel modules (drivers) the OS kernel code and data. Modern introduce additional attack surface, as operating systems include millions of they have full access to the kernel’s lines of code, which makes it address space” (Yitbarek and Austin, impossible to reveal and remediate all 2019).
    [Show full text]
  • Leveraging Forticlient with Microsoft Defender: 6 Use Cases
    SOLUTION BRIEF Leveraging FortiClient with Microsoft Defender: 6 Use Cases Executive Overview A compromised endpoint can quickly infect an entire enterprise network—which FortiClient Features Include: is why endpoint devices are now a favorite target for cyber criminals. More than an endpoint protection platform that provides automated, next-generation threat nnSecurity Fabric Connector. protection, FortiClient connects endpoints with the Security Fabric. It enables Enables endpoint visibility and endpoint visibility and compliance throughout the Security Fabric architecture. compliance throughout the Combining FortiClient with OS-embedded protection, such as Microsoft Security Fabric architecture. Defender or Microsoft Defender ATP, enhances these capabilities, providing nnVulnerability scanning. an integrated endpoint and network security solution that reinforces enterprise Detects and patches endpoint defenses, reduces complexity, and enhances the end-user experience. vulnerabilities. nn Improving Protection of Endpoint Devices Anti-malware protection. Employs machine learning (ML), FortiClient provides automated threat protection and endpoint vulnerability scanning to help artificial intelligence (AI), and maintain endpoint security hygiene and deliver risk-based visibility across the Fortinet Security cloud-based threat detection Fabric architecture. As a result, organizations can identify and remediate vulnerabilities or in addition to pattern-based compromised hosts across the entire attack surface. malware detection. In some cases, customers may wish to take advantage of certain FortiClient features while nnAnti-exploit engine. Uses leaving existing third-party protections in place. For example, in instances where there are signatureless, behavior-based policies in an organization that require two different antivirus (AV) vendors on an endpoint protection against memory and for governance or compliance reasons, the need for FortiClient alongside a third-party AV fileless attacks; detects exploit solution such as Microsoft Defender is necessitated.
    [Show full text]
  • Guide to Hardening Windows 10 Technical Guide
    NOVEMBER 2020 Guide to Hardening Windows 10 For Administrators, Developers and Office Workers TABLE OF CONTENTS Introduction .......................................................................................................................... 4 Prerequisites ............................................................................................................................ 4 User roles ................................................................................................................................. 4 EFI (BIOS) Configuration ...................................................................................................... 5 To be enabled: ......................................................................................................................... 5 To be disabled: ......................................................................................................................... 5 Windows Defender Firewall .................................................................................................. 6 Enable logging of dropped packets ............................................................................................. 6 Disable enforcement of local rules and disable notifications .......................................................... 7 Block outbound connections by default ....................................................................................... 8 Secure potentially vulnerable protocols ......................................................................................
    [Show full text]
  • Microsoft Expands Capabilities and Platforms for Microsoft Defender ATP
    REPORT REPRINT Microsoft expands capabilities and platforms for Microsoft Defender ATP JULY 31 2020 By Fernando Montenegro The company has been pouring significant resources into growing its capabilities as a provider of security functionality. It appears to be making significant inroads into the endpoint security space, given its role behind the Windows OS and on account of its Defender ATP offering, which was recently updated. THIS REPORT, LICENSED TO MICROSOFT, DEVELOPED AND AS PROVIDED BY 451 RESEARCH, LLC, WAS PUBLISHED AS PART OF OUR SYNDICATED MARKET INSIGHT SUBSCRIPTION SER- VICE. IT SHALL BE OWNED IN ITS ENTIRETY BY 451 RESEARCH, LLC. THIS REPORT IS SOLELY INTENDED FOR USE BY THE RECIPIENT AND MAY NOT BE REPRODUCED OR RE-POSTED, IN WHOLE OR IN PART, BY THE RECIPIENT WITHOUT EXPRESS PERMISSION FROM 451 RESEARCH. ©2020 451 Research, LLC | WWW.451RESEARCH.COM REPORT REPRINT Introduction Endpoint security had been growing in importance as a key component of security architecture even before the COVID-19 health crisis. Back then, key trends such as user mobility, BYOD and increased use of encryption already meant that properly securing and capturing telemetry from endpoints was crucial for protection, detection and incident response. The COVID-19 crisis merely accelerated this as network connectivity patterns changed and corporate offices sat empty. In recent years the endpoint security market has seen significant change, including the rise in popularity of Microsoft’s offerings, particularly its Microsoft Defender Advanced Threat Protection (MDATP) component. The company has been expanding the capabilities of the product as it adds support for new environments and partners.
    [Show full text]
  • Microsoft Patches Were Evaluated up to and Including CVE-2020-1587
    Honeywell Commercial Security 2700 Blankenbaker Pkwy, Suite 150 Louisville, KY 40299 Phone: 1-502-297-5700 Phone: 1-800-323-4576 Fax: 1-502-666-7021 https://www.security.honeywell.com The purpose of this document is to identify the patches that have been delivered by Microsoft® which have been tested against Pro-Watch. All the below listed patches have been tested against the current shipping version of Pro-Watch with no adverse effects being observed. Microsoft Patches were evaluated up to and including CVE-2020-1587. Patches not listed below are not applicable to a Pro-Watch system. 2020 – Microsoft® Patches Tested with Pro-Watch CVE-2020-1587 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVE-2020-1584 Windows dnsrslvr.dll Elevation of Privilege Vulnerability CVE-2020-1579 Windows Function Discovery SSDP Provider Elevation of Privilege Vulnerability CVE-2020-1578 Windows Kernel Information Disclosure Vulnerability CVE-2020-1577 DirectWrite Information Disclosure Vulnerability CVE-2020-1570 Scripting Engine Memory Corruption Vulnerability CVE-2020-1569 Microsoft Edge Memory Corruption Vulnerability CVE-2020-1568 Microsoft Edge PDF Remote Code Execution Vulnerability CVE-2020-1567 MSHTML Engine Remote Code Execution Vulnerability CVE-2020-1566 Windows Kernel Elevation of Privilege Vulnerability CVE-2020-1565 Windows Elevation of Privilege Vulnerability CVE-2020-1564 Jet Database Engine Remote Code Execution Vulnerability CVE-2020-1562 Microsoft Graphics Components Remote Code Execution Vulnerability
    [Show full text]
  • Microsoft Defender ATP.Pdf
    Traditional Approach THE SENSORS FABRIC WE DEPLOY Threat Intelligence (TIaaS) Data Loss Prevention Cloud (Office IP/DLP) Directory Services Malware Detection Cloud DC Management User/Entity Behavior Analytics (AAD) (Office ATP/Sonar) (ASC) (AADIP) Classification and Information Protection (AIP) Cloud Application Federation Services Security Broker (ADFS) (MCAS) User/Entity Behavior Analytics (ATA) On Premises On Premises Directory Mobile Device Management DC Management Services (Intune) (OMS) (AD) Endpoint Protection (Defender) LOCALIZED INTELLIGENCE Threat Intelligence (TIaaS) Cloud Data Loss Prevention Directory Services (Office IP/DLP) Malware Detection Cloud DC Management User/Entity Behavior Analytics (AAD) (Office ATP) (ASC) (AADIP) Classification and Information Protection (AIP) Cloud Application Federation Services Security Broker (ADFS) (MCAS) User/Entity Behavior Analytics (ATA) On Premises On Premises Directory Mobile Device Management DC Management Services (Intune) (OMS) (AD) Endpoint Protection (Defender) Microsoft Azure Windows Defender Advanced Threat Protection rules Require the device to be at or under the machine risk score: Set up a connection to Windows Defender Advanced Threat Protection Microsoft 365 ATP | Windows Machine Search for machine, user, file, IP and URL [email protected] Smith m Security operation dashboard Open incidents Statistics Attention required (41) Incidents severities Incident in-progress #1067 In progress Jon-Smith-Lap HIGH MEDIUM LOW INFORMATIONAL Golden ticket compromise: user permissions
    [Show full text]
  • Summary Report 2020 Awards, Winners, Comments
    Independent Tests of Anti-Virus Software Summary Report 2020 Awards, winners, comments TEST PERIOD : 2020 LANGUAGE : ENGLISH LAST REVISION : 15TH JANUARY 2021 WWW.AV-COMPARATIVES.ORG Summary Report 2020 www.av-comparatives.org Content INTRODUCTION 3 MANAGEMENT SUMMARY 5 ANNUAL AWARDS 9 PRICING 16 USER EXPERIENCE REVIEW 18 AVAST FREE ANTIVIRUS 21 AVG ANTIVIRUS FREE 24 AVIRA ANTIVIRUS PRO 27 BITDEFENDER INTERNET SECURITY 30 ESET INTERNET SECURITY 34 F-SECURE SAFE 38 G DATA INTERNET SECURITY 41 K7 TOTAL SECURITY 45 KASPERSKY INTERNET SECURITY 48 MCAFEE TOTAL PROTECTION 52 MICROSOFT DEFENDER ANTIVIRUS 55 NORTONLIFELOCK NORTON 360 DELUXE 58 PANDA FREE ANTIVIRUS 61 TOTAL AV ANTIVIRUS PRO 64 TOTAL DEFENSE ESSENTIAL ANTI-VIRUS 67 TREND MICRO INTERNET SECURITY 70 VIPRE ADVANCED SECURITY 73 FEATURELIST COMES HERE 76 COPYRIGHT AND DISCLAIMER 77 2 Summary Report 2020 www.av-comparatives.org Introduction About AV-Comparatives We are an independent test lab, providing rigorous testing of security software products. We were founded in 2004 and are based in Innsbruck, Austria. AV-Comparatives is an ISO 9001:2015 certified organisation. We received the TÜV Austria certificate for our management system for the scope: “Independent Tests of Anti-Virus Software”. http://www.av-comparatives.org/iso-certification/ AV-Comparatives is the first certified EICAR Trusted IT-Security Lab http://www.av-comparatives.org/eicar-trusted-lab/ At the end of every year, AV-Comparatives releases a Summary Report to comment on the various consumer anti-virus products tested over the course of the year, and to highlight the high-scoring products of the different tests that took place over the twelve months.
    [Show full text]
  • Ribb"IT" Review Amazon Echo Is Always Listening
    Ribb"IT" Review Amazon Echo is Always Listening Amazon has admitted to employing “What appears thousands of people worldwide who are tasked with listening in on private conversations through its Echo line of to be the end speakers using the Alexa digital assistant, and the workers are revealing what they've heard. of the road What are the details? may simply be Bloomberg reported that Amazon has What else have they heard? teams of folks around the world tasked with transcribing recordings pulled The Daily Mail noted that "concerns have a bend in the from Echo customers' homes and been raised by some in the past that offices. In one shift, the analysts will smart speaker systems could be used to listen in on as many as 1,000 clips, [listen in on] user conversations, often road.” which the firm says is minuscule with the aim of targeting users with considering the tens of millions of advertising." But the analysts are hearing much more than just costumers' -Robert H. Schuller people who own the systems. interests. A company spokesman explained, "We According to the Mail, Amazon workers only annotate an extremely small have admitted to listening in on people sample of Alexa voice recordings in singing in the shower, discussing bank May 2019 order [to] improve the customer account details, and conducting other experience. For example, this intimate exchanges. Staffers have also Issue 4, Volume 9 information helps us train our speech raised the alarm when overhearing recognition and natural language distressing situations like a child calling understanding system, so Alexa can This monthly publication out for help, and instances where a provided courtesy of Alex better understand your requests, and sexual assault might have occurred.
    [Show full text]
  • MICROSOFT DEFENDER All You Need to Know
    LICENSING FOR MICROSOFT DEFENDER All you need to know Windows Defender vs Microsoft Defender Which is the difference? Microsoft Defender is an endpoint detection & response component of Microsoft Windows. It was previously known as Windows Defender, but when it started to be available for other operative systems (after Windows 10 Creators Update), it was renamed Microsoft Defender. WINDOWS DEFENDER FOR... MICROSOFT DEFENDER FOR... MICROSOFT 365 DEFENDER PRODUCTS: Microsoft Defender for Endpoint: unified endpoint platform for prevention, post-breach detection, automated investigation, and required response. Microsoft Defender for Office 365: malicious threats posed by emails, links and collaboration tools. Microsoft Defender for Identity: used to identify threats due to compromised identities or malicious insiders. Microsoft Cloud App Security: add protection to SAAS applications. Licensing requirements GET MICROSOFT 365 DEFENDER FEATURES WITH ONE OF THESE LICENSES: Microsoft 365 E5 or A5 Microsoft 365 E3 with the Microsoft 365 E5 Security add-on Microsoft 365 A3 with the Microsoft 365 A5 Security add-on Windows 10 Enterprise E5 or A5 Enterprise Mobility + Security (EMS) E5 or A5 Office 365 E5 or A5 Microsoft Defender for Endpoint Microsoft Defender for Identity Microsoft Cloud App Security Defender for Office 365 (Plan 2) MICROSOFT DEFENDER FOR ENDPOINT REQUIRES ONE OF THE FOLLOWING: Windows 10 Enterprise E5 Windows 10 Education A5 Microsoft 365 E5 (M365 E5) Microsoft 365 A5 (M365 A5) Microsoft 365 E5 Security Microsoft 365 A5 Security
    [Show full text]
  • Microsoft 365 Certified Modern Desktop Administrator Associate Skills
    Microsoft 365 Certified: Modern Desktop Administrator Associate – Skills Measured Deploy Windows Deploy Windows 10 configure language packs migrate user data perform a clean installation perform an in-place upgrade (using tools such as MDT, WDS, ADK, etc.) select the appropriate Windows edition troubleshoot activation issues Perform post-installation configuration configure Edge and Internet Explorer configure mobility settings configure sign-in options customize the Windows desktop Manage devices and data Manage local users, local groups, and devices manage devices in directories manage local groups manage local users Configure data access and protection configure NTFS permissions configure shared permissions Configure devices by using local policies configure local registry implement local policy troubleshoot group policies on devices Manage Windows security Vragen of in contact komen? Vijfhart is dé partner voor role-based 088 - 542 78 48 certificeringen. Voor meer informatie [email protected] kijk op www.vijfhart.nl configure user account control (UAC) configure Windows Defender Firewall implement encryption Configure connectivity Configure networking configure client IP settings configure mobile networking configure VPN client troubleshoot networking configure Wi-Fi profiles Configure remote connectivity configure remote management enable PowerShell Remoting configure remote desktop access Maintain Windows Configure system and data recovery perform file recovery (including OneDrive) recover Windows 10 troubleshoot startup/boot process Manage updates check for updates troubleshoot updates validate and test updates select the appropriate servicing channel configure Windows update options Monitor and manage Windows configure and analyze event logs manage performance manage Windows 10 environment Deploy and update operating systems Vragen of in contact komen? Vijfhart is dé partner voor role-based 088 - 542 78 48 certificeringen.
    [Show full text]
  • Tanium™ Enforce User Guide
    Tanium™ Enforce User Guide Version 1.4.8 December 09, 2020 The information in this document is subject to change without notice. Further, the information provided in this document is provided “as is” and is believed to be accurate, but is presented without any warranty of any kind, express or implied, except as provided in Tanium’s customer sales terms and conditions. Unless so otherwise provided, Tanium assumes no liability whatsoever, and in no event shall Tanium or its suppliers be liable for any indirect, special, consequential, or incidental damages, including without limitation, lost profits or loss or damage to data arising out of the use or inability to use this document, even if Tanium Inc. has been advised of the possibility of such damages. Any IP addresses used in this document are not intended to be actual addresses. Any examples, command display output, network topology diagrams, and other figures included in this document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental. Please visit https://docs.tanium.com for the most current Tanium product documentation. This documentation may provide access to or information about content, products (including hardware and software), and services provided by third parties (“Third Party Items”). With respect to such Third Party Items, Tanium Inc. and its affiliates (i) are not responsible for such items, and expressly disclaim all warranties and liability of any kind related to such Third Party Items and (ii) will not be responsible for any loss, costs, or damages incurred due to your access to or use of such Third Party Items unless expressly set forth otherwise in an applicable agreement between you and Tanium.
    [Show full text]
  • Windows Security on Disconnected Devices
    Windows security on disconnected devices Windows security on disconnected devices Iaan D’Souza-Wiltshire Windows security on disconnected devices Contributors Yong Rhee, Chris Jackson, Amitai Rottem, Bhavna Soman This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT. This document is provided “as-is.” Information and views expressed in this document, including URL and other Internet website references, may change without notice. You bear the risk of using it. Copyright © 2019 Microsoft Corporation. All rights reserved. Please refer to Microsoft Trademarks (https://aka.ms/MSTrademarks) for a list of trademarked products. The names of actual companies and products mentioned herein may be the trademarks of their respective owners 2 of 21 Contents Disconnected scenario definitions ................................................................................................................................................. 6 Considerations for a disconnected device security policy .............................................................................................. 8 Types of disconnected scenarios .............................................................................................................................................. 9 Gatekeeping .......................................................................................................................................................................................
    [Show full text]