Server Message Block [SMB]

“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps

Microsoft discovered a path traversal-affiliated vulnerability pattern in multiple popular Android applications that could enable a malicious application to overwrite files in the vulnerable application’s home directory. The implications of this vulnerability pattern include arbitrary code execution and token theft, depending on an application’s implementation. Arbitrary code execution can provide a threat actor with full […]

“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps Continue Reading

Windows Server 2025 vs 2022: Detailed Overview

Windows Server 2025 represents the next evolution of Microsoft’s server operating system, aiming to enhance security, performance, scalability, and IT infrastructure management. This blog post will provide a detailed comparison of Windows Server 2025 and its predecessor, Windows Server 2022. Windows Server 2022: A Recap Windows Server 2022 is built on the strong foundation of

Windows Server 2025 vs 2022: Detailed Overview Continue Reading

Windows Insider build 26090 brings small changes for SMB

Heya folks, Ned here again. We continue to make SMB changes to Windows vNext and Windows Server 2025 based on customer feedback and last mile work. With the release of Windows 11 Insider Preview Build 26090 (Canary and Dev Channels), we have a few more small ones. Some of these were based on Insider feedback from customers –

Windows Insider build 26090 brings small changes for SMB Continue Reading

Azure Firewall: Comprehensive Comparison & Best Practices

Azure Firewall, a managed, cloud-based network security service, is an essential component of Azure’s security offerings. It comes in three different versions – Basic, Standard, and Premium – each designed to cater to a wide range of customer use cases and preferences. This blog post will provide a comprehensive comparison of these versions, discuss best

Azure Firewall: Comprehensive Comparison & Best Practices Continue Reading

SMB client encryption mandate now supported in Windows Insider

Heya folks, Ned here again. Beginning in Windows 11 Insider Preview Build 25982  (Canary Channel) and Windows Server Preview Build 25997, SMB now supports requiring encryption of all outbound SMB client connections. With this new option, administrators can mandate that all destination servers support SMB 3.x and encryption, and if missing those capabilities, the client won’t connect. This

SMB client encryption mandate now supported in Windows Insider Continue Reading

Introducing Windows Server 2025 running in Azure #Winsrv #Azure #Security #Windowsinsiders

Microsoft’s newest iteration, Windows Server 2025, signifies a major advancement in server technology. This release is brimming with novel features and improvements, specifically designed to enhance performance in virtual settings like Hyper-V. A notable inclusion is the extension of hotpatching capabilities to servers outside of Azure, a pioneering step aimed at minimizing downtime and optimizing

Introducing Windows Server 2025 running in Azure #Winsrv #Azure #Security #Windowsinsiders Continue Reading

Reflecting on 2023—Azure Storage

The beginning of a new year often prompts reflection along with planning for the future. At the forefront of our priorities lies the commitment to enhance the Azure platform and its ecosystem, fuel groundbreaking AI solutions, and facilitate seamless migrations to the cloud. We achieve this through purpose-built storage solutions tailored to meet the unique

Reflecting on 2023—Azure Storage Continue Reading

The beginning of the end of Remote Mailslots as part of Windows Insider

Heya folks, Ned here again. With the release of Windows 11 Insider Preview Build 25314 and Windows Server Preview Build 25314, we have started disabling the Remote Mailslot protocol by default. This is a precursor to deprecation and eventual removal from Windows. You aren’t using this extremely legacy protocol unless you’re also using the deprecated and disabled-by-default SMB1 protocol,

The beginning of the end of Remote Mailslots as part of Windows Insider Continue Reading

SMB over QUIC client access control now supported in Windows Insider

Heya folks, Ned here again. Beginning in Windows 11 Insider Preview Build 25977 (Canary Channel) and Windows Server Preview Build 25997, SMB over QUIC now supports access control for clients. Today I’ll explain how this works, what the advantages are, and how to set it up. SMB over QUIC SMB over QUIC introduced an alternative to TCP and

SMB over QUIC client access control now supported in Windows Insider Continue Reading

KRB_AP_ERR_BAD_INTEGRITY

First cousin once removed to KRB_AP_ERR_MODIFIED Most anyone who would be interested in reading an article like this has very likely encountered the error, KRB_AP_ERR_MODIFIED. This error tells us one thing: The account secret (aka password hash) that is being used to decipher the ticket cannot decipher the ticket. The most common reasons are: The

KRB_AP_ERR_BAD_INTEGRITY Continue Reading