You may not believe it but Microsoft has been taking big steps to try and secure your systems from bad actors. Some things are technical, others are common-sense. The newest security patch, version 22H2 which began rolling out this week is the latter - I'll explain why.
Bad guys are sometimes able to get into computers on a network, then look for ways to infiltrate other vulnerable systems. This is called lateral movement and there are multiple strategies these bad guys use to do this. One of them is by brute forcing lots of password attempts to other devices, sometimes to the tune of thousands of times per second from large dictionaries of commonly use passwords.
Well, what did Microsoft do? They put a rate limiter on how frequently one computer can try a password on another! Not sure why it took them this long to figure this out, but there you go.
For example, if an attacker previously had sent 300 brute force attempts per second from a client for 5 minutes (90,000 passwords), the same number of attempts would now take 50 hours minimum. The goal is to make your Windows 11 machine unattractive for the bad guys.
Hopefu
lly it helps.
Be sure to update your Windows 11 machines to 22H2 as soon as possible!
Stay safe out there -A
Oh, and if you're interested, I we did a spot on Think Tech Hawaii last week called How Cyber Secure Are You?
Always looking for ways to help protect the community. Thank you in advance for helping us educate and inspire others to stay safe out there.
