© 2022 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Curb your access privileges, Microsoft tells system admins

Microsoft’s recent security update might be good news for the computer industry, but some system administrators might be reluctant to enable it – as it entails curtailing their unlimited access privileges.

“Brute-force attacks are one of the top three ways that Windows machines are attacked today,” said Microsoft, referring to a method by which cybercriminals try repeatedly to guess a password, often using artificial intelligence-based technology to scale up their attempts.

“Windows devices currently do not allow local administrators to be locked out,” it added. “This leads to scenarios where, without the proper network segmentation or an intrusion-detection service, the local administrator account can be subjected to unlimited brute force attacks to attempt to determine the password.”

To counter this weakness in its flagship product, Microsoft has introduced the “10/10/10” system – after 10 failed attempts to log in during a like number of minutes, the account will be locked out for the same period of time.

Any new Microsoft devices configured to Windows 11 and any machines that come with the update – launched on October 11 – as part of their initial setup will be automatically protected by the new security regime.

But older devices will have to be updated accordingly by their operators, assuming they wish to install the new regime.

“For existing machines, setting this value to ‘enabled’ using a local or domain GPO [Windows’ centrally managed operating system] will enable the ability to lock out administrator accounts,” said the tech giant.

The tech giant is also beefing up its password regime, another potential headache for administrators, presumably in response to recent reports that have found even high-level executives are using combinations as simplistic as “123456” to protect their accounts.

“Additionally, we are now enforcing password complexity on new machines if a local administrator account is used,” said Microsoft, adding that from now on, these must include at least three in four of the following: lower case, upper case, numbers, and symbols.

More from Cybernews:

Chinese tech firm's drone "dog of war"

Retailer hit with ransomware after leaving customer data exposed

We breached Russian satellite network, say pro-Ukraine partisans

Zuckerberg unveils Meta Quest Pro for $1,500

Piracy costs entertainment industry billions

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are marked