Fixing a Security Vulnerability in Active Directory with Steve Syfuhs - podcast episode cover

Fixing a Security Vulnerability in Active Directory with Steve Syfuhs

Jun 04, 202550 minEp. 987
--:--
--:--
Listen in podcast apps:
Metacast
Spotify
Youtube
RSS

Episode description

Why would a security vulnerability take more than two years to fix? Richard chats with Steve Syfuhs about the evolution of the response to KB5015754. Originally published in 2022, the issue involved vulnerabilities in the on-premises certificate authority for Active Directory. Pushing a fix to force the immediate replacement of the certificates could have left users unable to log into Active Directory entirely. Steve explains how the gradual rollout of the fix allowed folks concerned (and paying attention!) to fix it immediately. At the same time, for everyone else, the fix happened as the existing certificates expired. But not every scenario is automatic - some require sysadmin intervention. So, how do you get their attention? The story leads to the February 11, 2025 update that could knock some users off Active Directory, but had an easy and quick fix. The final phase should be September 2025; hopefully, the last stragglers will be ready!

Links

Recorded April 10, 2025

For the best experience, listen in Metacast app for iOS or Android
Open in Metacast
Fixing a Security Vulnerability in Active Directory with Steve Syfuhs | RunAs Radio podcast - Listen or read transcript on Metacast