Old Active Directory users being listed

Clicking through the Exec Summary to a list of vulnerabilities, and I am seeing a lot of disabled windows active directory users being shown as the "account" with a problem.

These users may have used the endpoint, but have since been disabled, and the endpoint reassigned and a new user has logged using active directory.

If nothing else this makes the output of Bitdefender rather unhelpful to say the least.

Am I missing a stage here ? Shouldn't the endpoint report back with the correct username ?

Best Answers

  • Flexx
    Flexx mod
    edited August 2023 Answer ✓

    The reason why it is showing disabled Windows Active Directory users as the "account" with a problem is because it is using the Active Directory user account that was logged in to the endpoint when the vulnerability was detected. If the user has since been disabled, then the vulnerability report will be incorrect.

    There are a few things that you can do to fix this issue:

    1) Make sure that Bitdefender is properly synchronized with Active Directory. This will ensure that it is using the latest list of Active Directory users, including those that have been disabled.

    2) If Bitdefender is already synchronized with Active Directory, then you can try to manually update the vulnerability report. To do this, go to the "Vulnerability Reports" page in Bitdefender and click on the "Refresh" button.

    3) If the manual update does not work, then you may need to contact Bitdefender support for help.


    In addition to the above, here are some additional things to consider:

    1) It is possible that the disabled Windows Active Directory user is still able to access the endpoint, even though they have been disabled. This could be due to a number of factors, such as a misconfiguration in Active Directory or a security vulnerability on the endpoint.

    2) If you are concerned about the security of your endpoints, then you should regularly review the vulnerability reports from Bitdefender and other security solutions. This will help you to identify any potential security risks and take steps to mitigate them.

    3) You should also make sure that your endpoints are properly patched and up-to-date with the latest security updates. This will help to protect them from known vulnerabilities.


    For more information, kindly contact the bitdefender business support by visiting https://www.bitdefender.com/support/contact-us.html?last_page=BusinessCategory 

    Additionally, @Alex_Dr or @Andra_B can have a look into this for you.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • JLC_UK
    Answer ✓

    Thank you. That makes sense and I have set the alerts to ignore as our AD isn't integrated with BitDefender. (I may look into that).