Windows Server 2012 vulnerabilities and security

Authors

  • Gabriel R. López Escuela Politécnica Nacional
  • Danny S. Guamán Escuela Politécnica Nacional
  • Julio C. Caiza Escuela Politécnica Nacional

DOI:

https://doi.org/10.29019/enfoqueute.v6n3.67

Keywords:

Windows Server 2012, vulnerabilities, CVE, operating systems security

Abstract

This investigation analyses the history of the vulnerabilities of the base system Windows Server 2012 highlighting the most critic vulnerabilities given every 4 months since its creation until the current date of the research. It was organized by the type of vulnerabilities based on the classification of the NIST. Next, given the official vulnerabilities of the system, the authors show how a critical vulnerability is treated by Microsoft in order to countermeasure the security flaw. Then, the authors present the recommended security approaches for Windows Server 2012, which focus on the baseline software given by Microsoft, update, patch and change management, hardening practices and the application of Active Directory Rights Management Services (AD RMS). AD RMS is considered as an important feature since it is able to protect the system even though it is compromised using access lists at a document level. Finally, the investigation of the state of the art related to the security of Windows Server 2012 shows an analysis of solutions given by third parties vendors, which offer security products to secure the base system objective of this study. The recommended solution given by the authors present the security vendor Symantec with its successful features and also characteristics that the authors considered that may have to be improved in future versions of the security solution.

Downloads

Download data is not yet available.

Downloads

Published

2015-09-30

How to Cite

López, G. R., Guamán, D. S., & Caiza, J. C. (2015). Windows Server 2012 vulnerabilities and security. Enfoque UTE, 6(3), pp. 36 – 51. https://doi.org/10.29019/enfoqueute.v6n3.67

Issue

Vol. 6 No. 3 (2015)

Section

Miscellaneous

License

The articles and research published by the UTE University are carried out under the Open Access regime in electronic format.  This means that all content is freely available without charge to the user or his/her institution. Users are allowed to read, download, copy, distribute, print, search, or link to the full texts of the articles, or use them for any other lawful purpose, without asking prior permission from the publisher or the author. This is in accordance with the BOAI definition of open access. By submitting an article to any of the scientific journals of the UTE University, the author or authors accept these conditions.

The UTE applies the Creative Commons Attribution (CC-BY) license to articles in its scientific journals. Under this open access license, as an author you agree that anyone may reuse your article in whole or in part for any purpose, free of charge, including commercial purposes. Anyone can copy, distribute or reuse the content as long as the author and original source are correctly cited. This facilitates freedom of reuse and also ensures that content can be extracted without barriers for research needs.

 

This work is licensed under a Creative Commons Attribution 3.0 International (CC BY 3.0).

 

The Enfoque UTE journal guarantees and declares that authors always retain all copyrights and full publishing rights without restrictions [© The Author(s)]. Acknowledgment (BY): Any exploitation of the work is allowed, including a commercial purpose, as well as the creation of derivative works, the distribution of which is also allowed without any restriction.