Group Policy Preferences Could Allow for Elevation of Privilege
Group Policy Preferences Could Allow for Elevation of Privilege
If you are using GPO Preferences to distribute passwords across your domain, you could be allowing a hacker to be able to retrieve those passwords. Passwords are stored as part of the GPO and can be retrieved and decrypted by an attacker. These passwords are stored in the GPO as the CPassword attribute.
For instructor-led Windows Server 2012 Training, see our class schedule.
The following Group Policy Preferences allowed an administrator to distribute passwords:
- Map Drives
- Local Users and Groups
- Scheduled Tasks
- Services and
- Data Sources
This vulnerability is fully explained in Microsoft Security Bulleting MS14-025. The link to the article is Vulnerability in Group Policy Preferences Could Allow Elevation of Privilege (2962486). To prevent an administrator from inadvertently setting a password with GPO Preferences apply the updates linked in the article.
Once the updates are applied when an administrator opens one of the preferences mentioned above the following dialog box will appear.
If an administrator clicks into the User Account field or Password field in the preference the following dialog box will appear.
For more information on CPasswords check out the following article, MS14-025: Vulnerability in Group Policy Preferences could allow elevation of privilege.
If administrators have been deploying passwords with GPO Preferences there is a PowerShell Script included in the above article to help locate those GPOs.
User names and passwords can still be configured using PowerShell scripts when this situation is required.
Until next time, RIDE SAFE!
Rick Trader
Windows Server Instructor – Interface Technical Training
Phoenix, AZ
You May Also Like
Creating Users and Managing Passwords in Microsoft Office 365
0 706 3In this Office 365 training video, instructor Spike Xavier demonstrates how to create users and manage passwords in Office 365. For instructor-led Office 365 training classes, see our course schedulle: Spike Xavier SharePoint Instructor – Interface Technical Training Phoenix, AZ 20347: Enabling and Managing Office 365
Windows 10 Features and Navigation – December 1, 2015
0 122 1In this recorded Windows 10 webinar from December 1,2015, Windows Instructor Steve Fullmer presents the navigation and some of the new features associated with Windows 10 including Sysinternals Tools for Windows Client, Windows core concepts, exploring Process Explorer as well as some of the features that are not yet ready for prime time but will … Continue reading Windows 10 Features and Navigation – December 1, 2015
How to clone a Windows Server 2012 or 2012 R2 Domain Controller
3 1604 3One of the coolest new features in Window Server 2012 and Windows Server 2012 R2 is the ability to clone a Domain Controller. In the past, if we had virtualized Domain Controllers and we actually took a snapshot of it and then rolled back to that snapshot, it would break the logon service on that … Continue reading How to clone a Windows Server 2012 or 2012 R2 Domain Controller