#windowsadmincenter — Public Fediverse posts

Flaws in Hybrid Cloud Tools Expose Dual Attack Surfaces

Researchers have uncovered four vulnerabilities in Microsoft's Windows Admin Center, exposing a dual attack surface in hybrid cloud tools that may be flying under your radar. If left unmonitored, this unmanaged attack surface can leave your organization vulnerable to potential threats.

https://osintsights.com/flaws-in-hybrid-cloud-tools-expose-dual-attack-surfaces?utm_source=mastodon&utm_medium=social

#HybridCloud #CloudSecurity #WindowsAdminCenter #Azure #VulnerabilityManagement

#Microsoft: Warnung vor kritischer Sicherheitslücke in #WindowsAdminCenter | Security https://www.heise.de/news/Microsoft-warnt-vor-kritischer-Rechteausweitungsluecke-in-Windows-Admin-Center-11180525.html #Patchday

Windows Admin Center - Installing extensions using Powershell http://dlvr.it/TJY3dc via PlanetPowerShell #WindowsAdminCenter #Powershell #TechTips #ITAdmin

The #usdHeroLab analysts examined the centralized management tool #WindowsAdminCenter while conducting their security analyses.
1⃣ Vulnerability Type: Cross-Site Scripting (CWE-79)
🚨 Security Risk: High
👇 More details

🧐Windows Admin Center is a centralized management tool developed by Microsoft for IT administrators to manage and monitor Windows Server and Windows 10 systems.

The vulnerability enables an attacker to persist a JavaScript code in the application. The vulnerability can be used to perform actions on other users behalf.

The vulnerability was reported to the vendor under the Responsible Disclosure Policy and subsequently fixed for #moresecurity. More information can be found here 👩‍💻🧑‍💻 👇
https://herolab.usd.de/en/security-advisories/usd-2022-0028/

Verstehe ich das richtig? #Microsoft hat das Museum ausgepackt, #Webmin nachprogrammiert und nennt das dann #WindowsAdminCenter #WAC? Also dürfen Windows-Admins jetzt die schmerzen spüren, die Linux-Menschen schon vor Jahrzehnten erleben durften und froh waren, als das endlich weg war?