WinVerifyTrust Signature Validation Mitigation (CVE-2013-3900)

Рет қаралды 20,076

Күн бұрын

Пікірлер: 51

@NNAdmin Жыл бұрын

This video goes over the vulnerability and how to fix it. Please Like and Subscribe by clicking here: studio.kzbin.info/door/39GKRsNps38x7UzydcOZ9w Follow me on Twitter: twitter.com/NielsenNTWKING

@miguelarceo6020 10 ай бұрын

I searched into many webpages and nothing like this video, thanks a lot.

@NNAdmin 10 ай бұрын

Welcome 👍

@quank32 5 ай бұрын

Thank you for posting this. This just popped up on my vulnerability scanner for some older devices and your video validated what I have been reading

@NNAdmin 5 ай бұрын

Glad it helped

@sarnsaechao2201 Ай бұрын

You deserve more likes

@nicolasjochem1814 Жыл бұрын

Hey Nielsen, great to have helpful videos like that, well done :) Another person asked this as well: What can go wrong? One thing for me would "already" be that the servers need a restart (not that it's not possible, just that it has to be scheduled right). Did you hear about any complains that the cert padding check breaks things?

@NNAdmin Жыл бұрын

I have implemented these changes on numerous servers and never had an issue. *knocks on wood*. Yes, you would want to reboot during a planned maintenance.

@nicolasjochem1814 Жыл бұрын

@@NNAdmin Great News Nielsen, Thank you for the quick reply! :) * Knocking on wood * there as well, if something goes wrong against all odds, I will try to remember to leave another comment here :D

@pahadirahi Жыл бұрын

Hi Nielsen, Thanks for the video its really helpful, just need to ask what if we have multiple servers like more than 100?

@NNAdmin Жыл бұрын

Thanks for the nice comments, you would need push out the registry keys via GPO, Intune or some other desktop management software.

@pahadirahi Жыл бұрын

@@NNAdmin got it thanks 🙂

@OctenPlays Ай бұрын

hey once i go through the first process do i need to do the second?? and if i dont then do need to move the .reg file or not

@NNAdmin Ай бұрын

I am not clear on what you're asking? You only need to follow one of the ways, either manually or via script?

@NNAdmin Ай бұрын

I am not clear what you mean? Can you clarify?

@OctenPlays Ай бұрын

@@NNAdmin yeh that was the question

@-electrochapati-5501 10 ай бұрын

ur the goat man 🙏

@vicskorpio Жыл бұрын

Thank you. One question. For a windows Server, need restara? or not necesary?

@NNAdmin Жыл бұрын

Yes, for the changes to be active.

@Unwantedchannel1 2 ай бұрын

Hi nielson, this didn't work for me. Im unable to create a .reg extension note. What to do ??

@NNAdmin 2 ай бұрын

Hi, What do you mean you're unable, where are you having the issue?

@shahzadharoon497 Жыл бұрын

This one for which purpose and where is effected

@NNAdmin Жыл бұрын

I am not certain what you mean? But it's for CVE-2013-3900 and it affects certain hardware/software.

@milkahmburu3329 2 жыл бұрын

Great Stuff Nielsen.Thanks

@NNAdmin 2 жыл бұрын

Glad you enjoyed it

@josefranciscomendoza8009 Жыл бұрын

Hi Good afternoon I followed the steps and apply your recomendations. One doubt ? I rebooted the server after this recomendattions. after the reboot i must run the "How to disable the functionality. Perform the following to delete the registry value previously added" , or is not necessary. regards.

@NNAdmin Жыл бұрын

No need to delete any registry keys.

@adamgnz1786 7 ай бұрын

Very Helpful!!

@NNAdmin 7 ай бұрын

I'm glad!

@user-kt6fp8me6h Жыл бұрын

I have a question on this. We received a vulnerability report at my company for one server that has this issue but ALL of our serves across our environments do not have the wintrust reg path - is this worth even doing? Our servers run server 2016 datacenter.

@NNAdmin Жыл бұрын

Yes, I would think you would want to create the path and add the key. That said, if your goal is to stay off the report, and you're not showing on the report, then maybe you don't, but that would be your call.

@SKumar-vLog 8 ай бұрын

I created that text file and pest that registery key setting, saving text file with name of - wintrust.reg , but this file icon not changing, its simply showing as a text file .. and when i am right click on that file , i dont find out that Merge option.. Can you plz help me .

@NNAdmin 8 ай бұрын

Sounds like it's still a text file. Can you enable showing file extension? Windows 10: Open File Explorer; if you do not have an icon for this in the task bar; click Start, click Windows System, and then File Explorer. Click the View tab in File Explorer. Click the box next to File name extensions to see file extensions. Click the box next to Hidden items to see hidden files. Then see if the file has a .reg extension?

@SKumar-vLog 8 ай бұрын

@@NNAdmin... I want to know this ... I m the only person in my project ... I need help ..

@nrc6892 2 жыл бұрын

Awesome stuff, thank you!

@NNAdmin 2 жыл бұрын

Glad you liked it!

@cayonarciso1460 Жыл бұрын

Awesome, thank you.

@NNAdmin Жыл бұрын

You're welcome!

@SKumar-vLog 8 ай бұрын

Microsoft odbc driver remote code execution vulnerability. CVE-2024-21440 Can you plz let me know how to fix this vulnerability. ?

@NNAdmin 8 ай бұрын

I believe there is a MS patch for this?

@SKumar-vLog 8 ай бұрын

Can you plz tell exact patch KB details.

@TheAkloy Жыл бұрын

Is there any effect on OS functionality on production while applied this on regedit?

@NNAdmin Жыл бұрын

Not that I am aware, but check this article out for more specifics on authenticode. learn.microsoft.com/en-us/security-updates/securityadvisories/2014/2915720

@SKumar-vLog 8 ай бұрын

Windows kerberos RC4-HMAC elevation of privilege vulnerability. CVE-2022-37966 Windows server 2019 .. Remediation:- Update windows server 2019 to version 10.0.17763.3650 Can you plz let me know the steps to fix this vulnerability.

@NNAdmin 8 ай бұрын

I believe there is a MS patch for this?

@SKumar-vLog 8 ай бұрын

I am trying to fix this but its not working. Can you plz help me .. I am from India.

@NNAdmin 8 ай бұрын

I replied below.