Mitigating "Pass the Hash"…

Microsoft’s Trustworthy Computing (TWC) has just published a whitepaper, Mitigating Pass-the-Hash (PtH) Attacks and Other Credential Theft Techniques, of which I am a co-author.  It discusses PtH attacks against Windows operating systems, how the attack is performed, and recommends mitigations for PtH attacks and similar credential theft attacks.  You can download it from the link…

0

Using NTFS Junctions to Fix Application Compatibility Issues on 64-bit Editions of Windows

Executive Summary This paper describes a simple way to mitigate some types of application compatibility problems with legacy applications installed on 64-bit editions of Windows Vista and newer, including Windows 7 and Windows 8. The technique relies on creating an NTFS junction or symbolic link, effectively “joining” two otherwise separate directory structures. The paper provides…

3