𝐇𝐎𝐖 𝐓𝐎 𝐃𝐈𝐒𝐀𝐁𝐋𝐄 𝐏𝐑𝐈𝐍𝐓 𝐒𝐏𝐎𝐎𝐋𝐄𝐑 𝐎𝐍 𝐃𝐎𝐌𝐀𝐈𝐍 𝐂𝐎𝐍𝐓𝐑𝐎𝐋𝐋𝐄𝐑𝐒

Print Spooler is a service that takes care of print management. This includes, but is not limited to, managing printer drivers, scheduling print jobs, etc.

Print Spooler had a critical vulnerability in the past referred to as PrintNightmare (CVE-2021-34527). This vulnerability allowed attackers to execute code with administrator privileges.

The Print Spooler vulnerability was patched promptly, so if you have updated systems, the immediate risk associated with PrintNightmare is no longer present. And for normal systems, it is usually not feasible to disable Print Spooler. It would make printing impossible, which is usually not desirable.

But domain controllers are a critical part of Active Directory and need to be as secure as possible, which means blocking everything that is not needed. And you certainly should not need to print on domain controllers, so it’s a good idea to disable Print Spooler on domain controllers.

📺 Watch my YouTube video bellow on how to disable Print Spooler on Domain Controllers 👇 👇
https://youtu.be/O80HHKdnbcQ

#cswlrd #printspooler #domaincontrollers #printnightmare #videotutorial

All #sysadmins should review this article and the #CVE reports. Ensure ALL of your #domaincontrollers (at a minimum) and #WindowsServers are fully patched to prevent this vulnerability from being exploited. No one wants an #LDAP #DoS situation. What a nightmare that would be.

#StayCyberAware #BeCyberSafe

https://www.darkreading.com/vulnerabilities-threats/active-directory-flaw-can-crash-any-microsoft-server-connected-to-the-internet

Is there any reason to use server based backups for #ActiveDirectory #DomainControllers ? We can spin up VMs quickly, then promote a replacement. Restoring a DC from backup only introduces an old copy of the AD database, which will get replaced during replication.

Security Management Features di Defender for Endpoint per i Domain Controllers (in Preview)!

https://www.ictpower.it/sicurezza/security-management-features-di-defender-for-endpoint-per-domain-controllers-preview.htm

#CyberSecurity #DefenderForEndpoint #DomainControllers #SecurityManagement #ICTPower

An application was struggling with time drift issues, so everyone questioned the time on the #DomainControllers I queried the DCs using #Powershell and found that the time was consistent.

Afterward, I realized this is something I should know every day, not just when there's a reported time drift issue. So I included that script as part of my daily health checks.

Always room for more health checks. #ActiveDirectory #WhatTimeIsIt

Windows Exploit Released For Microsoft ‘Zerologon’ Flaw - Security researchers and U.S. government authorities alike are urging admins to address Microsoft'... https://threatpost.com/windows-exploit-microsoft-zerologon-flaw/159254/ #microsoftaugustpatchtuesday #privilegeescalation #domaincontrollers #vulnerabilities #activedirectory #authentication #proofofconcept #remoteprotocol #cve-2020-1472 #microsoftflaw #activedomain #criticalflaw #patchtuesday #windowsflaw #microsoft #zerologon