Monthly Archives: April 2015

RTFM – Installing the update doesn’t automatically fix the vulnerability

Recently I was going through my vulnerability scan report and noticed one of the top 5 plugins was in regards to MS15-011.  Reading through the report it mentioned that the patch KB3000483 was installed but UNC Hardened Access was not enabled via Group Policy.  After further reading of the KB article, I realized what needed to be done.  Microsoft was nice to give some recommendations and such.  So I enabled the UNC Hardened Access on the SYSVOL and NETLOGON shares for the domain.  I did not do it for the file shares as we tend to use multiple OS platforms.  Though I would recommend doing so if you are running in a single platform environment (All Windows).

Continue reading