Which Active Directory Group Policies are being Applied to your Accounts

Playing a bit of detective, I started reviewing Active Directory Group Policies that had been applied to workstations, in an attempt to resolve a few reported concerns regarding polices being applied successfully.

Using the gpresult command I was able to output all of the polices applied. The command requires the specification of scope to be issued correctly.  Example below:

 

Policies applied to your user account:

gpresult /Scope User /v

 

Policies applied to your Computer:

gpresult /Scope Computer /v

Ref: https://technet.microsoft.com/en-us/library/dn265978(v=ws.11).aspx

Only settings that have been applied to your machine and user account will show up.

 

Oh! And yes there is Graphical Interface for this tool.
You can get to it by executing the following steps below:

Type rsop.msc into the run box , then hit enter

A pop-up dialog will show while querying your system.

Once the console opens you will be able to see which settings have been applied to your PC.

 

 

Blank Screen at Office 365 Login Page

Unsure what is going on with the Office 365 Infrastructure, however I have been having major issues all morning getting into my portal to manage resources. I’ve attempted multiple browsers without any further resolution to this issue.

https://portal.office.com/adminportal/home shows only a blank page.

 

Down Detector is showing an increased report of users facing incidents

Ref: http://downdetector.com/status/office-365

Anyone else having this same issue

 

News: Canonical Releases Ubuntu Kernel Updates for Meltdown / Spectre

No need to go into the back story on this.  If you are reading this, there is a chance you’ve already read other reports on what Meltdown / Spectre and the perceived risks.

Cononical made a public statement last week to provide a patch for supported Ubuntu releases against Meltdown and Spectre security vulnerabilities, and the first set of patches are now available in the stable software repositories of Ubuntu 17.10, Ubuntu 16.04 LTS, and Ubuntu 14.04 LTS.

ref: https://insights.ubuntu.com/2018/01/04/ubuntu-updates-for-the-meltdown-spectre-vulnerabilities/

For Ubuntu 17.10 (Artful Aardvark), the updated kernel also patches four other security issues related to the Berkeley Packet Filter (BPF) implementation in the Linux kernel, which could allow a local attacker to execute arbitrary code or crash the system by causing a denial of service (CVE-2017-17863, CVE-2017-16995, CVE-2017-17862, and CVE-2017-17864).

 

Microsoft: Meltdown and Spectre Check via PowerShell

Like many folks around the world, I was wondering if this Meltdown and Spectre flaw would impact my computers and virtual machines.  Microsoft has started to release emergency fixes for Windows 10 and its been said that Windows 8 and legacy 7 will also receive patches.

Microsoft has released a PowerShell script that lets users check whether they have protection in place.

Steps to take:

  1. Open PowerShell (I like to use PowerShell ISE)
  2. Run PowerShell as as Administrator.
  3. Type Install-Module SpeculationControl and press Enter.
  4. When the installation completes, type Import-Module SpeculationControl and press Enter.
  5. Type Get-SpeculationControlSettings and press Enter.

In the list of results that’s displayed, you’re looking to see that a series of protections are enabled — this will be listed as True.  Ref: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

Should reassemble 

Speculation control settings for CVE-2017-5715 [branch target injection]

  • Hardware support for branch target injection mitigation is present: True
  • Windows OS support for branch target injection mitigation is present: True
  • Windows OS support for branch target injection mitigation is enabled: True

Speculation control settings for CVE-2017-5754 [rogue data cache load]

  • Hardware requires kernel VA shadowing: True
  • Windows OS support for kernel VA shadow is present: True
  • Windows OS support for kernel VA shadow is enabled: True
  • Windows OS support for PCID optimization is enabled: True

 

 

 

Meltdown & Spectre: Windows Security Update KB4056892

If you are reading this, chances are that you already know about the current security flaw discovered in what has been coined “modern processor chips” that could allow hackers to access data such as passwords, encryption keys and other information you want kept private.

Microsoft has released an out-of-band emergency patch for Windows 10 which should be installed as soon as possible. If you have yet to receive the patch via Windows Update, you can manually install it by going to this Windows Update Catalog page.   You can also check for updates

*note* check with your IT department when in doubt.

Ref URL: https://www.catalog.update.microsoft.com/Search.aspx?q=kb4056892

 

Included in this update:

his update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

  • Addresses issue where event logs stop receiving events when a maximum file size policy is applied to the channel.
  • Addresses issue where printing an Office Online document in Microsoft Edge fails.
  • Addresses issue where the touch keyboard doesn’t support the standard layout for 109 keyboards.
  • Addresses video playback issues in applications such as Microsoft Edge that affect some devices when playing back video on a monitor and a secondary, duplicated display.
  • Addresses issue where Microsoft Edge stops responding for up to 3 seconds while displaying content from a software rendering path.
  • Addresses issue where only 4 TB of memory is shown as available in Task Manager in Windows Server version 1709 when more memory is actually installed, configured, and available.
  • Security updates to Windows SMB Server, the Windows Subsystem for Linux, Windows Kernel, Windows Datacenter Networking, Windows Graphics, Microsoft Edge, Internet Explorer, and the Microsoft Scripting Engine.

Source: https://support.microsoft.com/en-us/help/4056892