If you copy/paste the results from an easy #ConfigMgr query to Excel, you can analyze the boot times of your different hardware models. Might find interesting info how slow/fast different models are!

PowerShell V7 is GA! This is most important (and best) release ever. You can xcopy deploy it so you don't need to be admin so everyone can try it right away! Read all the details here. devblogs.microsoft.com/powershell/ann…

Watching the election result in Japan is at least somewhat more entertaining. I definitely laughed at the second screen. #Election2020

Good breakdown of the nuttiest theories in this election.

Had a bug a couple of months ago with bluescreens on #ConfigMgr clients. SSNPS.SYS (WoL Proxy) was causing bluescreens. We don't use this feature, so I disabled it. Solved the problem. Couldn't find anything anywhere about it still, so figured I'd mention it.

I've been working on a pure PowerShell PoC for CVE-2021-1675 (#PrintNightmare) Local Privilege Escalation tonight with @_johnhammond and I think it's come out pretty good! Includes bundled DLL to add a local admin user plus the option of using your own DLL github.com/calebstewart/C…

We've published a new Print Spooler Security Advisory: msrc.microsoft.com/update-guide/v…

Updated #printnightmare flow chart Yes, LPE is possible under certain circumstances even if disable the Print Spooler service inbound remote printing #mimikatz update on its way

I’ll try to show my working like this more often. I don’t really think too much about the process of finding something, but I’ve been making notes lately in case anyone finds it useful.

Some more hints of how I find things.

There's a bit of a write up on this one as well now.

Just used my robot vacuum to retrieve my wireless headphones from under the bed. I often forget what an amazing time we’re living in.

Twitter let the domain vid.me expire. It's a porn site now, so there's porn on the The Washington Post and HuffPost

Uh oh, the boomers have found the BIOS. This video apparently shows evidence that the state had remote control of the voting machines or something. Thank god they haven't discovered system32 yet, there's some shady shit in there.

We are proud to announce the availability of 𝗖𝗹𝗼𝘂𝗱𝗟𝗔𝗣𝗦 - Community Edition. A community created solution LAPS alternative with an integrated web portal front end, and support for #MSIntune managed devices. Docs are available here - msendpointmgr.com/cloudlaps/ #CloudLAPS

#osint any idea where I am?

CMPivot to find devices affected by #ASRmageddon Device | join kind=leftouter (File('c:\programData\Microsoft\Windows\Start Menu\Programs\outlook.lnk')) | where isnull(FileName) | project Device