Changes to default Active Directory configuration for LDAP binding and signing could spell trouble for organizations worldwide
HAWTHORNE, NJ, February 4, 2020 — Stealthbits Technologies, Inc., a cybersecurity software company focused on protecting an organization’s sensitive data and the credentials attackers use to steal that data, today announced a free program designed to help organizations mitigate the risks of operational outage associated with Microsoft’s pending update to Active Directory slated for March, 2020.
The update, which applies to nine (9) Windows Operating System levels and many more versions, aims to address a vulnerability that exposes Active Directory Domain Controllers to privilege escalation scenarios. Microsoft is recommending organizations enable the LDAP channel binding and LDAP signing features they will enforce by default in March before the update is provided, as a means by which to identify systems, applications, and other devices that will be incompatible with the more secure configuration. They are also advising organizations to contact the providers of incompatible technologies to obtain necessary fixes if configuration options aren’t already available to achieve compatibility.
“As a security software provider, we are in full support of Microsoft’s move to improve the security of Active Directory and the vast number of resources connected to it,” said Jeff Warren, GM Products at Stealthbits Technologies. “This update underscores the importance of Active Directory not just from a security standpoint, however. Operationally, this security-focused update has the potential of affecting system uptime and business continuity on a broad scale.”
He continued, “In conjunction with Microsoft’s native LDAP authentication-focused auditing or standalone, our StealthINTERCEPT platform and its low-level, surgical LDAP query monitoring capabilities can make the exercise of identifying incompatible technologies simple and safe for any organization. Given the tight timelines and the severity of the situation, we’re willing to help anyone who needs it to figure out exactly what they’re dealing with before the update is released.”
StealthINTERCEPT’s LDAP module is capable of capturing the fine-grained details of the queries being executed against Active Directory. These details not only include whether or not the query was executed securely and where it was coming from, but what the query was actually requesting from the directory. Using StealthINTERCEPT’s LDAP blocking functionality, organizations can also simulate the effect of the update in broad or selective ways, without actually modifying Active Directory configurations.
How To Act
Regardless of whether or not you’re a Stealthbits customer, we’re happy to help! Please visit https://info.Stealthbits.com/microsoft-march-2020-ldap-update-solution and fill out the Contact Request form. A Stealthbits Representative will contact you immediately to provide you with all the information you’ll need to get started.
Stealthbits Technologies, Inc. is a cybersecurity software company focused on protecting an organization’s sensitive data and the credentials attackers use to steal that data. By removing inappropriate data access, enforcing security policy, and detecting advanced threats, we reduce security risk, fulfill compliance requirements, and decrease operations expense.
The Stealthbits logo and all other Stealthbits product or service names and slogans are registered trademarks or trademarks of Stealthbits Technologies, Inc. All other trademarks and registered trademarks are property of their respective owners.
# # #
Madison Alexander PR
Office: +1 714-832-8716
Mobile: +1 949-231-2965