Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Mastering Windows Security and Hardening

You're reading from   Mastering Windows Security and Hardening Secure and protect your Windows environment from cyber threats using zero-trust security principles

Arrow left icon
Product type Paperback
Published in Aug 2022
Publisher Packt
ISBN-13 9781803236544
Length 816 pages
Edition 2nd Edition
Arrow right icon
Authors (2):
Arrow left icon
Matt Tumbarello Matt Tumbarello
Author Profile Icon Matt Tumbarello
Matt Tumbarello
Mark Dunkerley Mark Dunkerley
Author Profile Icon Mark Dunkerley
Mark Dunkerley
Arrow right icon
View More author details
Toc

Table of Contents (21) Chapters Close

Preface 1. Part 1: Getting Started and Fundamentals
2. Chapter 1: Fundamentals of Windows Security FREE CHAPTER 3. Chapter 2: Building a Baseline 4. Chapter 3: Hardware and Virtualization 5. Chapter 4: Networking Fundamentals for Hardening Windows 6. Chapter 5: Identity and Access Management 7. Part 2: Applying Security and Hardening
8. Chapter 6: Administration and Policy Management 9. Chapter 7: Deploying Windows Securely 10. Chapter 8: Keeping Your Windows Client Secure 11. Chapter 9: Advanced Hardening for Windows Clients 12. Chapter 10: Mitigating Common Attack Vectors 13. Chapter 11: Server Infrastructure Management 14. Chapter 12: Keeping Your Windows Server Secure 15. Part 3: Protecting, Detecting, and Responding for Windows Environments
16. Chapter 13: Security Monitoring and Reporting 17. Chapter 14: Security Operations 18. Chapter 15: Testing and Auditing 19. Chapter 16: Top 10 Recommendations and the Future 20. Other Books You May Enjoy

Identifying vulnerabilities

Now that we know more about the kinds of threats you may face, it’s even more important for you to know where to access information about these vulnerabilities. You also need to be aware of any resources that are available so that you can educate yourself on what’s required to remediate any vulnerabilities. As you are already aware, Windows is renowned for its ongoing vulnerabilities, and patching/updating these systems has morphed into a full-time and very specialized role over the years. The following website is the authoritative source regarding Microsoft security updates: https://msrc.microsoft.com/update-guide/en-us.

Useful Information

Here is a link to the Microsoft Security Response Center (MSRC): https://www.microsoft.com/en-us/msrc?rtc=1.

As shown in the following screenshot, you will be provided with a list of all identified vulnerabilities from Microsoft within a selected time range, with additional filtering options. To give you an idea of the risk profile for Windows, the following filter is scoped to Windows 11 for x64-based systems over November 2021, which returned 47 uniquely addressed vulnerabilities:

Figure 1.5 – Microsoft Security Update Guide

Figure 1.5 – Microsoft Security Update Guide

One term you may have heard as part of vulnerability management with Microsoft is the famous Patch Tuesday (also referred to as Update Tuesday). Patch Tuesday occurs on the second Tuesday of every month and is the day that Microsoft will release its monthly patches for Windows and other Microsoft products. There are many references on the internet for Patch Tuesday, in addition to the MSRC. One example of a common resource used to track Patch Tuesday releases is the Patch Tuesday dashboard: https://patchtuesdaydashboard.com/.

As you review the updates needed for your Windows systems, you will notice that each of them has a unique identifier (UID) to reference the update, beginning with CVE. CVE stands for Common Vulnerabilities and Exposures and is the standard for vulnerability management, allowing one source to catalog and uniquely identify vulnerabilities. CVE is not a database of vulnerabilities but a dictionary providing definitions for vulnerabilities and exposures that have been publicly disclosed. The US DHS and CISA sponsor the CVE.

Tip

Visit this website to learn more about CVE: https://www.cve.org/About/Overview.

The following screenshot shows an overview of what the CVE provides and can be found at https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=Windows:

Figure 1.6 – CVE Windows search results

Figure 1.6 – CVE Windows search results

In addition to the CVE is the NVD. NVD is the National Vulnerability Database, which is an additional resource for vulnerability management provided by NIST. The NVD is synced with the CVE to ensure the latest updates appear within its repository. NVD provides additional analysis of the vulnerabilities listed in the CVE dictionary by using the following:

  • Common Vulnerability Scoring System (CVSS) for impact analysis
  • Common Weakness Enumeration (CWE) for vulnerability types
  • Common Platform Enumeration (CPE) for structured naming standards

The following screenshot shows an overview of what the NVD provides and can be found via https://nvd.nist.gov/vuln/search/results?form_type=Basic&results_type=overview&query=Windows&search_type=all&isCpeNameSearch=false:

Figure 1.7 – NVD Windows search results

Figure 1.7 – NVD Windows search results

Information

CISA has released a known exploited vulnerabilities catalog that will be continuously maintained. This should be incorporated into your VMP for review. You can find the catalog here: https://www.cisa.gov/known-exploited-vulnerabilities-catalog.

One additional resource that we should mention is the Open Web Application Security Project (OWASP). OWASP is a nonprofit organization that helps improve the security of software for individuals and enterprises. It provides a tremendous amount of resources such as tools, documentation, and a community of professionals, all looking to continually enhance software security. Although OWASP is focused on application and web application security, there is a high possibility that an application or a web application will be running on your Windows servers and Windows clients. Because of this, it is critical, as a security professional, for you to be able to intelligently discuss these concerns and challenges with the business, developer(s), and application/web application owners.

Tip

You can find more information about OWASP at https://owasp.org/.

One of the more common projects that OWASP provides is the OWASP Top 10, which provides the most critical web application security risks. The latest version available was recently published in 2021 and is presented here:

  1. Broken Access Control
  2. Cryptographic Failures
  3. Injection
  4. Insecure Design
  5. Security Misconfiguration
  6. Vulnerable and Outdated Components
  7. Identification and Authentication Failures
  8. Software and Data Integrity Failures
  9. Security Logging and Monitoring Failures
  10. Server-Side Request Forgery (SSRF)

    Tip

    View OWASP Top Ten Web Application Security Risks for 2021 here: https://owasp.org/www-project-top-ten/.

You have been reading a chapter from
Mastering Windows Security and Hardening - Second Edition
Published in: Aug 2022
Publisher: Packt
ISBN-13: 9781803236544
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime