Just a month after Windows Server 2012 Windows Server 2012 R2 and Windows Embedded Server 2012 R2 reached end of support now Microsoft has announced that administrators are able to get three additional years of Extended Security Update (ESU)
Microsoft Workaround – until a fix is available to address this LSASS memory leak issue a temporary solution allows IT admins to work around domain controller instability
These updates will not be installed via Microsoft Update to computers with a Client operating system that have a supported major/minor version such as .NET Core 2.1, 3.1 or .NET 5.0 already installed
Configuring Products for synchronization in Windows Server Update Services (WSUS) Products – Updates for .NET Core will be published under .NET Core 2.1 .NET Core 3.1 .NET 5.0 products in WSUS and these products are nested under the Developer Tools Runtimes and Redistributables top level product
Die Bildschirmtastatur (OSK) – ist eine virtuelle Tastatur auf ihrem Bildschirm mit der sie auch ihr Passwort ändern können und so geht’s:
Drücken sie Windows-Taste+R um das Dialogfeld ”Ausführen” aufzurufen geben sie im Dialogfeld ”Ausführen” ‚osk‘ ein und drücken sie die Eingabetaste um die Bildschirmtastatur zu starten halten sie als nächstes die Tastenkombination STRG+ALT auf ihrer physischen Tastatur und klicken sie nun auf die ENTF-Taste mit der OSK Tastatur und minimieren sie die virtuelle Tastatur und klicken sie auf Passwort ändern
Verwenden Sie STRG+ALT+END anstelle von STRG+ALT+DEL
Apache Guacamole – open the registry editor ‚regedit‘ and make the following settings
This should work without reboot
Microsoft Windows Server 2012 – KB5010797 Out-of-Band-Update 17.01.2022
The latest Windows Server updates are causing severe issues for administrators with domain controllers having spontaneous reboots Hyper-V not starting and inaccessible ReFS volumes until the updates are rolled back
Eine Lösung scheint die Deinstallation von KB50009624 und KB009595 auf betroffenen Systemen mittels Konsolenkommandos zu sein z.B.: für Microsoft Windows Server 2012
Microsoft listet auf der Windows Release Health Webseite Windows Server 2012 R2 Server 2016 sowie Server 2019 als betroffen auf während das Update KB5010215 die Probleme unter Windows Server 2012 R2 behebt löst KB5010196 es für Windows Server 2019
Microsoft Windows Print Spooler – remote code execution vulnerability
Determine if the Print Spooler service is running (run as a Domain Admin)
Run the following as a Domain Admin:
Get-Service -Name Spooler
If the Print Spooler is running or if the service is not set to disabled, select one of the following options to either disable the Print Spooler service, or to Disable inbound remote printing through Group Policy:
Option 1 – Disable the Print Spooler service
If disabling the Print Spooler service is appropriate for your enterprise, use the following PowerShell commands:
Stop-Service -Name Spooler -Force
Set-Service -Name Spooler -StartupType Disabled
Impact of workaround Disabling the Print Spooler service disables the ability to print both locally and remotely.
Option 2 – Disable inbound remote printing through Group Policy
You can also configure the settings via Group Policy as follows:
Computer Configuration / Administrative Templates / Printers
Disable the “Allow Print Spooler to accept client connections:” policy to block remote attacks.
Impact of workaround This policy will block the remote attack vector by preventing inbound remote printing operations. The system will no longer function as a print server, but local printing to a directly attached device will still be possible.