Horizon Secured
@horizon-secured.com
Master Windows & Active Directory Security—From Defense to Attacks.
🚨 𝗛𝗼𝗿𝗶𝘇𝗼𝗻 𝗔𝗹𝗲𝗿𝘁 – 𝗗𝗛𝗖𝗣 𝗜𝘀𝘀𝘂𝗲𝘀 𝗔𝗳𝘁𝗲𝗿 𝗝𝘂𝗻𝗲 𝗨𝗽𝗱𝗮𝘁𝗲𝘀
Microsoft just confirmed a bug affecting DHCP on all major Windows Server versions (2016–2025). Clients may fail to renew IPs after applying June 2025 updates.
🛠️ Fix is on the way.
Stay safe,
Dave
#PatchTuesday #HorizonAlert
Microsoft just confirmed a bug affecting DHCP on all major Windows Server versions (2016–2025). Clients may fail to renew IPs after applying June 2025 updates.
🛠️ Fix is on the way.
Stay safe,
Dave
#PatchTuesday #HorizonAlert
June 14, 2025 at 7:14 AM
🚨 𝗛𝗼𝗿𝗶𝘇𝗼𝗻 𝗔𝗹𝗲𝗿𝘁 – 𝗗𝗛𝗖𝗣 𝗜𝘀𝘀𝘂𝗲𝘀 𝗔𝗳𝘁𝗲𝗿 𝗝𝘂𝗻𝗲 𝗨𝗽𝗱𝗮𝘁𝗲𝘀
Microsoft just confirmed a bug affecting DHCP on all major Windows Server versions (2016–2025). Clients may fail to renew IPs after applying June 2025 updates.
🛠️ Fix is on the way.
Stay safe,
Dave
#PatchTuesday #HorizonAlert
Microsoft just confirmed a bug affecting DHCP on all major Windows Server versions (2016–2025). Clients may fail to renew IPs after applying June 2025 updates.
🛠️ Fix is on the way.
Stay safe,
Dave
#PatchTuesday #HorizonAlert
🛠️ 𝗧𝘄𝗼 𝗮𝗻𝗻𝗼𝘆𝗶𝗻𝗴 𝗯𝘂𝗴𝘀—𝗳𝗶𝗻𝗮𝗹𝗹𝘆 𝗳𝗶𝘅𝗲𝗱!
✔️ Firewall profile issue on Windows Server 2025 DCs
✔️ Kerberos cert-based auth issues (WHfB, Device PKINIT)
Both resolved in the 𝗝𝘂𝗻𝗲 𝟮𝟬𝟮𝟱 updates ✅
📬 You can subscribe to my newsletter to get all the details as soon as possible.
#PatchTuesday
✔️ Firewall profile issue on Windows Server 2025 DCs
✔️ Kerberos cert-based auth issues (WHfB, Device PKINIT)
Both resolved in the 𝗝𝘂𝗻𝗲 𝟮𝟬𝟮𝟱 updates ✅
📬 You can subscribe to my newsletter to get all the details as soon as possible.
#PatchTuesday
June 11, 2025 at 7:02 AM
🛠️ 𝗧𝘄𝗼 𝗮𝗻𝗻𝗼𝘆𝗶𝗻𝗴 𝗯𝘂𝗴𝘀—𝗳𝗶𝗻𝗮𝗹𝗹𝘆 𝗳𝗶𝘅𝗲𝗱!
✔️ Firewall profile issue on Windows Server 2025 DCs
✔️ Kerberos cert-based auth issues (WHfB, Device PKINIT)
Both resolved in the 𝗝𝘂𝗻𝗲 𝟮𝟬𝟮𝟱 updates ✅
📬 You can subscribe to my newsletter to get all the details as soon as possible.
#PatchTuesday
✔️ Firewall profile issue on Windows Server 2025 DCs
✔️ Kerberos cert-based auth issues (WHfB, Device PKINIT)
Both resolved in the 𝗝𝘂𝗻𝗲 𝟮𝟬𝟮𝟱 updates ✅
📬 You can subscribe to my newsletter to get all the details as soon as possible.
#PatchTuesday
🔐 Microsoft Patch Tuesday - 2 Zero-Days:
→ SMB privilege escalation (CVE-2025-33073)
→ WebDAV RCE (CVE-2025-33053) – actively exploited!
Network-based, low complexity.
📩 Full breakdown in Horizon Alert.
horizon-secured.com/newsletter/
#CyberSecurity #ZeroDay
→ SMB privilege escalation (CVE-2025-33073)
→ WebDAV RCE (CVE-2025-33053) – actively exploited!
Network-based, low complexity.
📩 Full breakdown in Horizon Alert.
horizon-secured.com/newsletter/
#CyberSecurity #ZeroDay
June 10, 2025 at 7:51 PM
🔐 Microsoft Patch Tuesday - 2 Zero-Days:
→ SMB privilege escalation (CVE-2025-33073)
→ WebDAV RCE (CVE-2025-33053) – actively exploited!
Network-based, low complexity.
📩 Full breakdown in Horizon Alert.
horizon-secured.com/newsletter/
#CyberSecurity #ZeroDay
→ SMB privilege escalation (CVE-2025-33073)
→ WebDAV RCE (CVE-2025-33053) – actively exploited!
Network-based, low complexity.
📩 Full breakdown in Horizon Alert.
horizon-secured.com/newsletter/
#CyberSecurity #ZeroDay
🚨 𝗠𝗶𝗰𝗿𝗼𝘀𝗼𝗳𝘁 𝗣𝗮𝘁𝗰𝗵 𝗧𝘂𝗲𝘀𝗱𝗮𝘆 - 𝟳 𝗭𝗲𝗿𝗼-𝗗𝗮𝘆𝘀 𝘁𝗵𝗶𝘀 𝗠𝗮𝘆 🚨
5 exploited
4 = gain SYSTEM privileges
Targets: CLFS, DWM, Defender, Visual Studio
You don't have time to dig — I do.
Subscribe for full alerts:
👉 horizon-secured.com/newsletter/
#CyberSecurity #ZeroDay #Infosec #PatchTuesday
5 exploited
4 = gain SYSTEM privileges
Targets: CLFS, DWM, Defender, Visual Studio
You don't have time to dig — I do.
Subscribe for full alerts:
👉 horizon-secured.com/newsletter/
#CyberSecurity #ZeroDay #Infosec #PatchTuesday
May 13, 2025 at 6:16 PM
🚨 𝗠𝗶𝗰𝗿𝗼𝘀𝗼𝗳𝘁 𝗣𝗮𝘁𝗰𝗵 𝗧𝘂𝗲𝘀𝗱𝗮𝘆 - 𝟳 𝗭𝗲𝗿𝗼-𝗗𝗮𝘆𝘀 𝘁𝗵𝗶𝘀 𝗠𝗮𝘆 🚨
5 exploited
4 = gain SYSTEM privileges
Targets: CLFS, DWM, Defender, Visual Studio
You don't have time to dig — I do.
Subscribe for full alerts:
👉 horizon-secured.com/newsletter/
#CyberSecurity #ZeroDay #Infosec #PatchTuesday
5 exploited
4 = gain SYSTEM privileges
Targets: CLFS, DWM, Defender, Visual Studio
You don't have time to dig — I do.
Subscribe for full alerts:
👉 horizon-secured.com/newsletter/
#CyberSecurity #ZeroDay #Infosec #PatchTuesday
1/4 🔒 Secure Bits 💡
𝗦𝗜𝗗 𝗛𝗶𝘀𝘁𝗼𝗿𝘆 𝗰𝗮𝗻 𝗯𝗲 𝗮 𝗱𝗮𝗻𝗴𝗲𝗿𝗼𝘂𝘀 𝗮𝘁𝘁𝗿𝗶𝗯𝘂𝘁𝗲.
Do you use it in your environment?
Originally, SID History was used during Active Directory migrations—to let migrated users access old resources by injecting old SIDs into the SIDHistory attribute.
𝗦𝗜𝗗 𝗛𝗶𝘀𝘁𝗼𝗿𝘆 𝗰𝗮𝗻 𝗯𝗲 𝗮 𝗱𝗮𝗻𝗴𝗲𝗿𝗼𝘂𝘀 𝗮𝘁𝘁𝗿𝗶𝗯𝘂𝘁𝗲.
Do you use it in your environment?
Originally, SID History was used during Active Directory migrations—to let migrated users access old resources by injecting old SIDs into the SIDHistory attribute.
May 13, 2025 at 11:02 AM
1/4 🔒 Secure Bits 💡
𝗦𝗜𝗗 𝗛𝗶𝘀𝘁𝗼𝗿𝘆 𝗰𝗮𝗻 𝗯𝗲 𝗮 𝗱𝗮𝗻𝗴𝗲𝗿𝗼𝘂𝘀 𝗮𝘁𝘁𝗿𝗶𝗯𝘂𝘁𝗲.
Do you use it in your environment?
Originally, SID History was used during Active Directory migrations—to let migrated users access old resources by injecting old SIDs into the SIDHistory attribute.
𝗦𝗜𝗗 𝗛𝗶𝘀𝘁𝗼𝗿𝘆 𝗰𝗮𝗻 𝗯𝗲 𝗮 𝗱𝗮𝗻𝗴𝗲𝗿𝗼𝘂𝘀 𝗮𝘁𝘁𝗿𝗶𝗯𝘂𝘁𝗲.
Do you use it in your environment?
Originally, SID History was used during Active Directory migrations—to let migrated users access old resources by injecting old SIDs into the SIDHistory attribute.
🔒 Secure Bits 💡
“The trust relationship between this workstation and the primary domain failed.”
Do you really understand what this message means? Let’s break it down. 👇
#Windows #ActiveDirectory
“The trust relationship between this workstation and the primary domain failed.”
Do you really understand what this message means? Let’s break it down. 👇
#Windows #ActiveDirectory
April 29, 2025 at 11:42 AM
🔒 Secure Bits 💡
“The trust relationship between this workstation and the primary domain failed.”
Do you really understand what this message means? Let’s break it down. 👇
#Windows #ActiveDirectory
“The trust relationship between this workstation and the primary domain failed.”
Do you really understand what this message means? Let’s break it down. 👇
#Windows #ActiveDirectory
🔒 Secure Bits 💡
Need different password policies in Active Directory?
You can't just create two GPOs.
Why? GPO password policy only applies to computers—not users.
✅ Use Fine-Grained Password Policies to target specific users or groups.
Set via Active Directory Admin Center.
#ActiveDirectory
Need different password policies in Active Directory?
You can't just create two GPOs.
Why? GPO password policy only applies to computers—not users.
✅ Use Fine-Grained Password Policies to target specific users or groups.
Set via Active Directory Admin Center.
#ActiveDirectory
April 13, 2025 at 3:22 PM
🔒 Secure Bits 💡
Need different password policies in Active Directory?
You can't just create two GPOs.
Why? GPO password policy only applies to computers—not users.
✅ Use Fine-Grained Password Policies to target specific users or groups.
Set via Active Directory Admin Center.
#ActiveDirectory
Need different password policies in Active Directory?
You can't just create two GPOs.
Why? GPO password policy only applies to computers—not users.
✅ Use Fine-Grained Password Policies to target specific users or groups.
Set via Active Directory Admin Center.
#ActiveDirectory
🚨04/2025 Patch Tuesday - Bugs & Issues Detected🔴
Calendar causes crash in Outlook 2016
Word 2016 and Excel 2016 blocked/crashing
Windows Hello does not work
Make sure to properly test this batch !
If you want to be notified in time and with additional info: horizon-secured.com/newsletter/
Calendar causes crash in Outlook 2016
Word 2016 and Excel 2016 blocked/crashing
Windows Hello does not work
Make sure to properly test this batch !
If you want to be notified in time and with additional info: horizon-secured.com/newsletter/
April 9, 2025 at 5:12 PM
🚨04/2025 Patch Tuesday - Bugs & Issues Detected🔴
Calendar causes crash in Outlook 2016
Word 2016 and Excel 2016 blocked/crashing
Windows Hello does not work
Make sure to properly test this batch !
If you want to be notified in time and with additional info: horizon-secured.com/newsletter/
Calendar causes crash in Outlook 2016
Word 2016 and Excel 2016 blocked/crashing
Windows Hello does not work
Make sure to properly test this batch !
If you want to be notified in time and with additional info: horizon-secured.com/newsletter/
🚨Horizon Alert – April 2025🚩
𝗢𝗻𝗲 𝗭𝗲𝗿𝗼-𝗗𝗮𝘆 – 𝗖𝗩𝗘-𝟮𝟬𝟮𝟱-𝟮𝟵𝟴𝟮𝟰
▪️Privilege Escalation to SYSTEM
▪️Exploited in the wild
▪️Low complexity + low privileges = patch ASAP
Prioritize exposed/internet-facing systems.
𝗦𝘂𝗯𝘀𝗰𝗿𝗶𝗯𝗲 𝘁𝗼 𝗛𝗼𝗿𝗶𝘇𝗼𝗻 𝗔𝗹𝗲𝗿𝘁 (𝗳𝗿𝗲𝗲):
👉 horizon-secured.com/newsletter/
𝗢𝗻𝗲 𝗭𝗲𝗿𝗼-𝗗𝗮𝘆 – 𝗖𝗩𝗘-𝟮𝟬𝟮𝟱-𝟮𝟵𝟴𝟮𝟰
▪️Privilege Escalation to SYSTEM
▪️Exploited in the wild
▪️Low complexity + low privileges = patch ASAP
Prioritize exposed/internet-facing systems.
𝗦𝘂𝗯𝘀𝗰𝗿𝗶𝗯𝗲 𝘁𝗼 𝗛𝗼𝗿𝗶𝘇𝗼𝗻 𝗔𝗹𝗲𝗿𝘁 (𝗳𝗿𝗲𝗲):
👉 horizon-secured.com/newsletter/
April 8, 2025 at 6:28 PM
🚨Horizon Alert – April 2025🚩
𝗢𝗻𝗲 𝗭𝗲𝗿𝗼-𝗗𝗮𝘆 – 𝗖𝗩𝗘-𝟮𝟬𝟮𝟱-𝟮𝟵𝟴𝟮𝟰
▪️Privilege Escalation to SYSTEM
▪️Exploited in the wild
▪️Low complexity + low privileges = patch ASAP
Prioritize exposed/internet-facing systems.
𝗦𝘂𝗯𝘀𝗰𝗿𝗶𝗯𝗲 𝘁𝗼 𝗛𝗼𝗿𝗶𝘇𝗼𝗻 𝗔𝗹𝗲𝗿𝘁 (𝗳𝗿𝗲𝗲):
👉 horizon-secured.com/newsletter/
𝗢𝗻𝗲 𝗭𝗲𝗿𝗼-𝗗𝗮𝘆 – 𝗖𝗩𝗘-𝟮𝟬𝟮𝟱-𝟮𝟵𝟴𝟮𝟰
▪️Privilege Escalation to SYSTEM
▪️Exploited in the wild
▪️Low complexity + low privileges = patch ASAP
Prioritize exposed/internet-facing systems.
𝗦𝘂𝗯𝘀𝗰𝗿𝗶𝗯𝗲 𝘁𝗼 𝗛𝗼𝗿𝗶𝘇𝗼𝗻 𝗔𝗹𝗲𝗿𝘁 (𝗳𝗿𝗲𝗲):
👉 horizon-secured.com/newsletter/