Group Policy Preferences Could Allow for Elevation of Privilege
Group Policy Preferences Could Allow for Elevation of Privilege
If you are using GPO Preferences to distribute passwords across your domain, you could be allowing a hacker to be able to retrieve those passwords. Passwords are stored as part of the GPO and can be retrieved and decrypted by an attacker. These passwords are stored in the GPO as the CPassword attribute.
For instructor-led Windows Server 2012 Training, see our class schedule.
The following Group Policy Preferences allowed an administrator to distribute passwords:
- Map Drives
- Local Users and Groups
- Scheduled Tasks
- Services and
- Data Sources
This vulnerability is fully explained in Microsoft Security Bulleting MS14-025. The link to the article is Vulnerability in Group Policy Preferences Could Allow Elevation of Privilege (2962486). To prevent an administrator from inadvertently setting a password with GPO Preferences apply the updates linked in the article.
Once the updates are applied when an administrator opens one of the preferences mentioned above the following dialog box will appear.
If an administrator clicks into the User Account field or Password field in the preference the following dialog box will appear.
For more information on CPasswords check out the following article, MS14-025: Vulnerability in Group Policy Preferences could allow elevation of privilege.
If administrators have been deploying passwords with GPO Preferences there is a PowerShell Script included in the above article to help locate those GPOs.
User names and passwords can still be configured using PowerShell scripts when this situation is required.
Until next time, RIDE SAFE!
Rick Trader
Windows Server Instructor – Interface Technical Training
Phoenix, AZ
You May Also Like
A Simple Introduction to Cisco CML2
0 3852 0Mark Jacob, Cisco Instructor, presents an introduction to Cisco Modeling Labs 2.0 or CML2.0, an upgrade to Cisco’s VIRL Personal Edition. Mark demonstrates Terminal Emulator access to console, as well as console access from within the CML2.0 product. Hello, I’m Mark Jacob, a Cisco Instructor and Network Instructor at Interface Technical Training. I’ve been using … Continue reading A Simple Introduction to Cisco CML2
Cable Testers and How to Use them in Network Environments
0 713 1This content is from our CompTIA Network + Video Certification Training Course. Start training today! In this video, CompTIA Network + instructor Rick Trader demonstrates how to use cable testers in network environments. Let’s look at some tools that we can use to test our different cables in our environment. Cable Testers Properly Wired Connectivity … Continue reading Cable Testers and How to Use them in Network Environments
Government Edition – Encrypting a USB Flash Drive in Windows 10
0 272 2In this video, Security Instructor Mike Danseglio demonstrates how to use BitLocker in Window 10 to secure files on a USB Flash drive that adhere to stricter data protection requirements as found inside Government entities. BitLocker 2-day instructor-led training is now available at Interface: BITLOCK: Planning and Deploying BitLocker Drive Encryption Training Video Transcription: Hi. … Continue reading Government Edition – Encrypting a USB Flash Drive in Windows 10