Gold Sponsors

Wellbury Information Services LLC



Social Media

Our LinkedIn Group:

Meeting Agenda - February 9th, 2017

9th February 2017

6:00pm:

Food and drinks served

Introduction

A brief overview of the Ohio Information Security Forum.

Way-Beyond Patching GPO and Printer Driver Vulnerabilities: How Microsoft Ruined My Summer of 2016

By: John Hermes

Abstract

Familiarity and complacence administering the Windows platform lead to some nasty surprises while managing Microsoft's Active Directory in the Windows 10 era.

Organizations world-wide were caught by surprise during the summer of 2016 when Microsoft released patches to address critical security vulnerabilities and made significant changes to both group policy (GP) processing and print driver enforcement. Here is a first-person account from a distracted, overworked and reluctant Windows administrator who didn't see it coming.

First, we'll take a quick tour of GP basics and examine the security issue that forced changes to how they're applied. Next, we'll look at flipping our perspective on permissions for deploying effective policies. Finally, we'll take a look at the Vista-era printer driver model that was effectively ignored by some big vendors - until Microsoft made it mandatory. We'll see why some big-name printers still refuse to deploy and then learn the surprisingly simple way to bypass these new restrictions.

Bio

John Hermes is a prestigious board member for OISF and all around awesome dude. When John isn't teaching the world how to be better attackers and defenders, he's policing and securing networks all over.

Group Discussion

By: Everyone