Archive for 'Security-related'

HomeSecurity-related

Disabling Print Screen through Group Policy

Posted by:

Recently someone asked if it was possible to disable the print screen functionality on their keyboard through Group Policy. My initial response was that I had never seen a policy setting to do this, and indeed I figured that you would need to do some low level trapping of keyboard commands to make this work. That is, until I discovered the Keyboard Scancode Map. The Scancode Map is a way of assigning (and unassigning) functionality ...

Continue Reading →
1
OCT
0

Categories: Group Policy Preferences, Security-related

Tags: , ,

Using GP Preferences to protect against the zero-day shortcut vulnerability

Posted by:

Microsoft recently announced a new security vulnerability in Windows shortcuts that affects all versions of Windows since XP! Its references here: http://support.microsoft.com/kb/2286198. This particular vulnerability takes advantage of the icon that appears in shortcut (.lnk and .pif) files on Windows. Within the article cited above, Microsoft provides a “FixIt” workaround for the problem that essentially removes the icon from the shortcut, leaving a blank icon in its place. In looking at what they are doing in the FixIt, it ...
Continue Reading →
23
JUL
0

Categories: General Stuff, Group Policy Preferences, Security-related

Tags: , , ,

Backing up and restoring the Local GPO

Posted by:

Some of you may have seen a twitter post I did a while back letting folks know about the Security Compliance Manager, which is a tool from Microsoft that lets you manage, edit, report, search and export security templates and baselines. This tool is pretty cool, but it also has a hidden gem in it. When you install the SCM, you will notice a folder within its program group called “LocalGPO”, which contains a package called ...

Continue Reading →
22
JUL
4

Categories: General Stuff, Microsoft-Related, Security Policy, Security-related

Tags: , ,

Controlling shares on Windows systems

Posted by:

Well, I’ve been crazy busy working on some new product releases but I wanted to take a moment to blog about some useful features in GP Preferences that often slip through the cracks. I saw a blog post today about how you could use a custom ADM file to remove administrative shares on Windows systems. This works pretty well, but I always prefer it when Group Policy makes it really easy for me to manage configuration, and GP ...

Continue Reading →
22
JUN
1

Categories: Group Policy Preferences, Security-related

Tags: ,

ActiveX Killbits and Group Policy

Posted by:

Recently, Microsoft announced a zero-day vulnerability in IE’s ActiveX video control, that required folks to react quickly to prevent exploits of this vulnerability. One of the possible routes for preventing this was to disable the affected ActiveX control in IE using so-called "Killbits" in the registry. This technique is described in general within a Microsoft KB article and specifically for this vulnerability within this document. Essentially, Killbits are a set of registry entries that must be ...

Continue Reading →
16
JUL
0

Categories: Security-related

Tags: ,