• Damian

    Damian

    @damian

    Viewing 6 replies - 1 through 6 (of 6 total)
    Author
    Replies
    • in reply to: September 2021 – it’s patch day! #2391093

      Running SEP v14.3.4516.2000, with newer additional monitoring through DefenseStorm 2.1.1. Since DefenseStorm is newer for us, I’ve been keeping that in the back of my mind. Unfortunately Windows event logs have have not shed any light. So far all noted machines are running v1909 with Office 2013 except for one with 2016. Eventually I will find some kind of overlap, until then I’ll be crossing my fingers that one the these forced shutdowns doesn’t corrupt Windows.

    • in reply to: September 2021 – it’s patch day! #2391069

      I have started to deploy KB5005566 to our Win10 v1909 work environment and so far we have two laptops spending over an hour trying to installing KB5005566. I ended up performing a normal Start Button>Restart which brought up the Updating Windows screen where they sat indefinitely.  Forcing the computer down and bringing it back up brings the desktop with a spinning cursor that can’t click on anything.  This is separate from a growing number of machines that haven’t received any patches yet that, but have decided to start freeze up entirely on users only allowing the cursor to be moved but without the ability to click anything. To patch or not patch, does it really matter with Windows 10…

    • in reply to: Patch Lady – remoting into a desktop without VPN #2211123

      Any concern for Key Loggers on the Home PC that could record RDP Credentials?

      Sure, but wouldn’t those be the same concerns you’d have for any credentials for any remote software?

      Currently we only allow VPN using corporate computers that are firewall locked down to our VPN.   I am worried about my corporate machines but I would be concerned about random home machines that are not governed by our corporate protection.  This does not seem like a safe option if their corporate credentials are freely read by the home PC.  Maybe my viewpoint is unique?

    • in reply to: Patch Lady – remoting into a desktop without VPN #2211086

      Any concern for Key Loggers on the Home PC that could record RDP Credentials?

    • I believe the best option is to password protect and then disable if you’re able to.  We have a relatively small environment of 180 or so endpoints.  There have been times where an endpoint has lost trust with the Domain and the built-in Admin account is needed to leave and rejoin.  This can also happen when restoring a older image to an endpoint.  I’m sure I’m not alone in this thought, nor am I solely right in my efforts.  There’s always ten ways to accomplish everything in Windows.  Thank you for your feedback, b.

      2 users thanked author for this post.
    • All of our Win7 domain machines have the Admin enabled and password protected.  This was a carry-over practice from the WinXP endpoints and it’s worked well for us.  Just as the Domain Admin has a password, Endpoints have the Local Admin with a password.  Unfortunately, we will be converting to Win10 this year but the practice will likely continue.  I could’ve sworn there were ways to active the built-in Admin account during an offline state.

    Viewing 6 replies - 1 through 6 (of 6 total)