You probably have heard or read about the current issues with chips and their vulnerability.

A fundamental design flaw in Intel’s processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.

CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre)  are two nasty exploits and you might want to check your systems if they are patched.

Luckily the Microsoft Security Response Center has released a PowerShell module named SpeculationControl which can be installed from the PowerShell Gallery.

Additionally maybe look at Mike’s post

 

If you are scheduling tasks, no doubt you run across the issue that if you need a task run as a different user, said user needs the right to logon as a batch job. Doing this is fairly easy:

  1. Start secpol.msc
  2. Expand Local Policies -> User Right Assignment
  3. Find “Logon as a batch job”
  4. Add the user / service account as needed

This can of course also be set up via GPO.