Malware utilizes a multitude of techniques to avoid detection, and threat actors are continuously uncovering and exploiting new methods of attack. One of the less common techniques includes the exploitation of the Windows Restart Manager. To stay ahead of malicious authors, it is important to be aware of them and understand how they work.
Windows Server 2012, is the sixth version of the Windows Server operating system by Microsoft, as part of the Windows NT family of operating systems. At the time, Windows Server 2012 brought forth an array of enhanced features and refinements, and over the years, it stood as a cornerstone for many organisations, providing a bedrock of reliability, scalability, and adaptability to accommodate applications and workloads.
The security of your organization’s data and systems is at the top. As a leading provider of operating systems and applications, Microsoft understands the criticality of safeguarding its customers’ sensitive information. With products like Windows, Windows Server, Microsoft 365 apps for enterprise, and Microsoft Edge, they strive to offer secure solutions that inspire confidence.
Local WMI querying is straightforward to implement and troubleshoot — but remote WMI querying is another story. Indeed, setting up secure remote WMI querying for a user with no admin rights is a daunting task. This blog can help. I’ll walk you through the steps I used to enable a standard domain user to query the Microsoft SQL Server WMI namespace class on a Windows Server 2012 R2 running Microsoft SQL Server 2016.
Windows 10, which is still the most widely deployed operating system on desktops, has announced end of support for October 14, 2025. The current version, 22H2, will be the last version of Windows 10, which means that Microsoft will stop providing support and security updates for that particular version and any vulnerabilities discovered after the EOL (End of Life) date will not be fixed by Microsoft, leaving your operating system, and that of your customers, exposed to security risks.
There is an old saying: “One person’s tool is another person’s weapon.” That is certainly true of Windows PowerShell. Included with every Windows operating system today, this powerful command-line shell and scripting language is used by IT professionals for system administration, remote management, cybersecurity, software development and more.
Microsoft disclosed a zero-day vulnerability impacting Office and Windows on July’s Patch Tuesday. This vulnerability has an “important” severity level, and can allow attackers to perform remote code execution with the same privileges as the target. As of this writing, there is no patch available to mitigate the vulnerability, but Microsoft has provided mitigation steps.
