Services on Demand
Journal
Article
Indicators
- Cited by SciELO
- Access statistics
Related links
- Similars in SciELO
Share
Enfoque UTE
On-line version ISSN 1390-6542Print version ISSN 1390-9363
Abstract
LOPEZ, Gabriel R.; GUAMAN, Danny S. and CAIZA, Julio C.. Windows Server 2012 vulnerabilities and security. Enfoque UTE [online]. 2015, vol.6, n.3, pp.36-51. ISSN 1390-6542. https://doi.org/10.29019/enfoqueute.v6n3.67.
This investigation analyses the history of the vulnerabilities of the base system Windows Server 2012 highlighting the most critic vulnerabilities given every 4 months since its creation until the current date of the research. It was organized by the type of vulnerabilities based on the classification of the NIST. Next, given the official vulnerabilities of the system, the authors show how a critical vulnerability is treated by Microsoft in order to countermeasure the security flaw. Then, the authors present the recommended security approaches for Windows Server 2012, which focus on the baseline software given by Microsoft, update, patch and change management, hardening practices and the application of Active Directory Rights Management Services (AD RMS). AD RMS is considered as an important feature since it is able to protect the system even though it is compromised using access lists at a document level. Finally, the investigation of the state of the art related to the security of Windows Server 2012 shows an analysis of solutions given by third parties vendors, which offer security products to secure the base system objective of this study. The recommended solution given by the authors present the security vendor Symantec with its successful features and also characteristics that the authors considered that may have to be improved in future versions of the security solution.
Keywords : Windows Server 2012; vulnerabilities; CVE; operating systems security..