Question

I'd like you to review the security status for our small Microsoft workgroup LAN. The network consists of computers working on a variety of client platforms, such as Windows XP, Windows Vista, and Windows 7, and server products in a single environment. The workgroup contains many distinct separations in the network as determined by group memberships:

Windows laptops: Traveling salespeople, remote suppliers, branch offices

Windows desktops: Accounting group, developer group, customer service group

Windows servers: Administrative server, Microsoft SharePoint server, Server Message Block (SMB) server

For this assignment, go through the archive of Microsoft Security Advisories at http://technet.microsoft.com/en-us/security/advisoryarchive. Then write a report that answers the following questions based on the advisories for the past 12 months:

What vulnerabilities exist for this workgroup LAN based on the advisories? List five of them.

Do any vulnerabilities involve privilege elevation? Is this considered a high-priority issue?

Identify and document at least three vulnerabilities and the solutions related to the client configurations.

Answer 1

Note: Advisory number and description are taken from the given URl. Vulnerabilities exist for the workgroup LAN: Vulnerability in ASP. NET Core MVN 1.10 Could Allow Denial of Service(4010983) Vulnerability in NET Core, ASP . NET Core Could Allow Elevation of Privilege (4021279) Vulnerability in Azure AD Connect Could Allow Elevation of Privilege(4033453) Vulnerability in Identity Model Extensions Token Signing Verification Could Allow Elevation of Privilege (3214296) Deprecation of SHA -1 for SSl/TLs Certificates in Microsoft Edge and internet Explorer 11(4010323) Yes, two vulnerabilities involve elevation of privilege. The vulnerabilities involve elevation of privilege. The Vulnerability are given below. Vulnerability in NET Core, ASP.NET Core Could Allow Elevation of Privilege (4021279) Vulnerability in Azure AD Connect Could Allow Elevation Privilege(4033453) Yes, these two vulnerabilities are of high priority since, This will lead to gain elevated access to secured those are kept protected from users. This Vulnerability can be exhausted by users to do malicious or unauthorized activities that may lead to serious security falls.