1-800-264-9029|602-266-8500
  • Course Schedule
    • Microsoft Training
      • Windows 10
      • Teams / Microsoft 365 / MS365
      • Windows Server 2019
      • Windows Server 2016
      • SQL Server
      • Power BI
      • Power Platform
      • Azure
      • Data Engineering / Machine Learning
      • Artificial Intelligence (AI)
      • Exchange Server
      • PowerShell
      • System Center
      • SharePoint
      • IIS
    • Cloud Computing
      • Azure
      • Amazon Cloud (AWS)
    • Developer Training
      • DevOps
      • Docker Kubernetes
      • Web Development
      • .NET Development and Visual Studio
      • Java Programming
      • Python
    • Cisco Training
      • Cisco CCNA Routing & Switching
      • Cisco Training – HD TelePresence
    • CompTIA Certification
      • CompTIA A+
      • CompTIA Network+
      • CompTIA Security+
    • Business Training
      • Project Management
      • ITIL
      • NIST
      • Business Analysis
      • Agile
    • IT Security Training
      • CISSP / CEH / PKI / Security
      • NIST
    • Wireless / Wireshark Training
      • Wireless Networking
      • Wireshark
    • Red Hat
      • Red Hat – Linux
      • Red Hat – DevOps
    • Other Training
      • VMware
      • NetApp
      • F5 Networks
      • Salesforce
      • Citrix
  • Subscription Schedule
  • RemoteLive™
  • Replay™
  • Video Courses
  • Resources
    • Tech Blogs
    • Tech Videos
    • Microsoft Learn Catalog
  • About
    • Instructors
    • Interface Gold™ Benefits
    • TechPaks
    • Our Video Training Timeline
    • Training Room Rental
    • Group Training & Private Classes
    • Contact

Group Policy Preferences Could Allow for Elevation of Privilege

Home > Blogs > Windows Server 2012 > Group Policy Preferences Could Allow for Elevation of Privilege

Group Policy Preferences Could Allow for Elevation of Privilege

Like This Blog 0 Rick Trader
Added by Rick Trader November 18, 2015

If you are using GPO Preferences to distribute passwords across your domain, you could be allowing a hacker to be able to retrieve those passwords. Passwords are stored as part of the GPO and can be retrieved and decrypted by an attacker. These passwords are stored in the GPO as the CPassword attribute.

For instructor-led Windows Server 2012 Training, see our class schedule.

The following Group Policy Preferences allowed an administrator to distribute passwords:

  • Map Drives
  • Local Users and Groups
  • Scheduled Tasks
  • Services and
  • Data Sources

This vulnerability is fully explained in Microsoft Security Bulleting MS14-025. The link to the article is Vulnerability in Group Policy Preferences Could Allow Elevation of Privilege (2962486). To prevent an administrator from inadvertently setting a password with GPO Preferences apply the updates linked in the article.

Once the updates are applied when an administrator opens one of the preferences mentioned above the following dialog box will appear.

001-Group-Policy-Preferences-Security-Warning-Windows-Server

If an administrator clicks into the User Account field or Password field in the preference the following dialog box will appear.

002-Group-Policy-Preferences-Security-CPPassword-Windows-Server

For more information on CPasswords check out the following article, MS14-025: Vulnerability in Group Policy Preferences could allow elevation of privilege.

If administrators have been deploying passwords with GPO Preferences there is a PowerShell Script included in the above article to help locate those GPOs.

User names and passwords can still be configured using PowerShell scripts when this situation is required.

Until next time, RIDE SAFE!

Rick Trader
Windows Server Instructor – Interface Technical Training
Phoenix, AZ

Subscribe to this author's posts feed via RSS

You May Also Like

  • Using Navigation Controls in a Collaboration Site in SharePoint
    Using Navigation Controls in a Collaboration Site in…
  • Cisco IOS - The Difference Between Login and Login Local
    Cisco IOS - The Difference Between Login and Login Local
  • Windows 10 – Basic Desktop and Navigation
    Windows 10 – Basic Desktop and Navigation
  • How to Connect Your GNS3 Environment to VirtualBox in Windows 8
    How to Connect Your GNS3 Environment to VirtualBox…
Category Windows Server 2012

Tags

CPassword, CPO, Group Policy Preferences, Group Policy Vulnerability, Hacked Group Policy, Microsoft Security Bulleting, User Account field

Videos You May Like

Creating Users and Managing Passwords in Microsoft Office 365

Creating Users and Managing Passwords in Microsoft Office 365

0 706 3

In this Office 365 training video, instructor Spike Xavier demonstrates how to create users and manage passwords in Office 365.   For instructor-led Office 365 training classes, see our course schedulle: Spike Xavier SharePoint Instructor – Interface Technical Training Phoenix, AZ 20347: Enabling and Managing Office 365    

Windows 10 Features and Navigation – December 1, 2015

Windows 10 Features and Navigation – December 1, 2015

0 122 1

In this recorded Windows 10 webinar from December 1,2015, Windows Instructor Steve Fullmer presents the navigation and some of the new features associated with Windows 10 including Sysinternals Tools for Windows Client, Windows core concepts, exploring Process Explorer as well as some of the features that are not yet ready for prime time but will … Continue reading Windows 10 Features and Navigation – December 1, 2015

How to clone a Windows Server 2012 or 2012 R2 Domain Controller

How to clone a Windows Server 2012 or 2012 R2 Domain Controller

3 1604 3

One of the coolest new features in Window Server 2012 and Windows Server 2012 R2 is the ability to clone a Domain Controller. In the past, if we had virtualized Domain Controllers and we actually took a snapshot of it and then rolled back to that snapshot, it would break the logon service on that … Continue reading How to clone a Windows Server 2012 or 2012 R2 Domain Controller

Write a Comment

Share your thoughts... Cancel reply

Please fill out the comment form below to post a reply.

ITIL 4 Promotion

Blogs by Technology

  • Amazon AWS (2)
  • Azure Cloud Computing (2)
  • Business Analysis (8)
  • Cisco (125)
  • CompTIA (71)
  • Developer Visual Studio / ASP.NET (62)
  • Exchange Server (47)
  • ITIL / COBIT (33)
  • Lync Server (3)
  • Office 365 (5)
  • PMP Project Management (63)
  • PowerShell (81)
  • Security (47)
  • SharePoint (93)
  • SQL Server (78)
  • System Center (13)
  • Web Development (60)
  • Windows 10 (65)
  • Windows 7 (124)
  • Windows 8 (85)
  • Windows Server (74)
  • Windows Server 2012 (90)
  • Windows Server 2016 (14)
  • Wireless (9)
  • Wireshark (5)

Blogs by Instructor

  • Dan Wahlin (44)
  • Don Jones (15)
  • Dr. Avril Salter (6)
  • Greg Richard (1)
  • Interface (49)
  • Jason Helmick (38)
  • Jeff Jones (18)
  • Jeremy Cioara (8)
  • Mark Jacob (125)
  • Mark Thomas (28)
  • Mike Danseglio (93)
  • Mike Pfeiffer (35)
  • Peter Avila (32)
  • Rick Trader (127)
  • Spike Xavier (86)
  • Steve Fullmer (163)
  • Suzanne Van Hove (1)

Blogs You May Like

  • Understanding Primary and Secondary DNS Zones and how to setup Forward and Reverse Lookup Zones
  • Understanding Network Cable Testers
  • How to Configure Navigation in SharePoint Publishing Sites
  • Using Navigation Controls in a Collaboration Site in SharePoint
  • Windows 10 – Deployment Wipe-and-Load, In-Place and Provisioning
  • Windows 10 – Basic Desktop and Navigation

Video Courses

  • ITIL 4 Foundation Certification Video Training Course
  • Project Management Professional (PMP®) Certification Video Training PMBOK® 6th Edition
  • PMI-PBA Business Analysis for IT Analysts and Project Managers (PMI-PBA)® Certification
  • SharePoint Designer 2013 for American Express
  • CompTIA Network+ (Coming Soon!)
  • CompTIA Security+ (Coming Soon!)
  • CompTIA A+ Certification Core 1 1001 (Coming Soon)
  • CompTIA A+ Certification Core 2 1002 (Coming Soon)

Live Training Courses

  • NET+007: CompTIA Network+ Certification Training + N10- 007 Exam
  • PowerShell - 10961: Automating Administration with Windows PowerShell
  • ITIL4® Foundation Certification Course with Exam
  • AZ-100: Azure Infrastructure and Deployment Training
  • PMI-PBA: Business Analysis for IT Analysts and Project Managers (PMI-PBA Certification)
  • Cisco CCNA - ICND1v3 Interconnecting Cisco Networking Devices CCNA Part 1
  • COBIT205: COBIT® 5 Foundation and Implementation IT Governance Training
  • DEV415: Microservices with ASP.NET Core and Docker
  • IT Security - SEC+501: CompTIA Security+ with Certification Exam SY0-501
  • SQL Server - SQL101: Introduction to Transact SQL
Facebook
Twitter
Linked In
Comment
EMAIL

About Us

  • Interface Gold™ Benefits
  • TechPaks
  • Training Room Rental
  • Group Training & Private Classes

Contact Us

3115 N 3rd Ave
G130
Phoenix, AZ 85013

602-266-8500

Stay in touch on our social channels!
Twitter
Facebook
LinkedIn
State of Arizona Contract # ADSPO18-210228

Copyright © 2021 Interface Technical Training. All Rights Reserved.

Interface Live Training Terms and Conditions Terms of Use Microsoft Subscription Terms and Conditions Privacy Policy WIOA Policy

We are OPEN! All live classes 100% available with RemoteLive!Learn More
+ +