Secure Boot Vulnerability, Exchange Updates & LAPS
OneNeck IT Solutions |
Secure Boot Security Bypass Vulnerability:
May greeted us with a significant security vulnerability concerning Secure Boot. As a critical security feature, Secure Boot ensures that machines boot using only software trusted by the Original Equipment Manufacturer (OEM). This month brought the identification and subsequent patching of a security bypass vulnerability (CVE-2023-24932) that could compromise the integrity of devices with Secure Boot enabled.
Our standard practice does not involve enabling Secure Boot on OneNeck-built servers. As such, our team is not planning on providing manual action for this update. However, customers who have enabled Secure Boot on their servers should take this vulnerability seriously. We strongly recommend reviewing the related documentation and taking any necessary actions to safeguard your systems. Our Service Desk is readily available to assist our customers with any questions or assistance in their environment.
Exchange Server Updates and EOL Announcements:
This month also brought important updates for Microsoft Exchange Server.
Firstly, Microsoft has released a new Cumulative Update for Exchange Server 2019. For customers contracted with OneNeck for Exchange Management and running this version of Exchange, we will apply this update on your behalf.
In other news, Exchange Server 2013 has now reached End of Life. This designation means that Microsoft will no longer provide patches for this version of Exchange. Thus we recommend customers move away from this version to avoid potential security risks.
Meanwhile, Exchange Server 2016 has transitioned from Mainstream Support to Extended Support. While it is still receiving security updates from Microsoft, starting to plan for the future is essential. We will continue to apply these security updates for customers contracted with us for Exchange Management.
At OneNeck, we encourage all customers to upgrade to Exchange Server 2019 to benefit from the latest features, improved security and continued support. For those unsure how to proceed with the upgrade, our Service Desk will guide you through the process.
Introducing the New Local Administrator Password Solution (LAPS)
Lastly, we’d like to highlight the release of a new version of LAPS last month. This latest iteration extends support for Windows 10 & 11 and Server 2019 & 2022 and introduces new features for Azure Active Directory.
LAPS provides a simple, automated solution for managing local administrator passwords, reducing the risk of security breaches resulting from compromised credentials. If you want to deploy LAPS in your environment or have any questions about its features, please contact us at any time for assistance.
OneNeck Has Your Back!
As always, our goal at OneNeck is to help you navigate the ever-changing landscape of IT. We remain committed to providing you with the latest updates and ensuring your systems are secure, reliable, and optimized. Thank you for your continued trust in OneNeck.
Stay tuned for more updates next month!
Additional Resources:
