User identification via Chromium browser (Chrome, Edge, Brave)?

[German]Luca Casonato already pointed out an issue in connection with Chromium browsers on July 9, 2024. In the browser, all Google websites are granted full access to system data such as CPU usage, GPU utilization, memory usage and processor information via a hidden extension. Allows Google sites to provide detailed information about the system, which enables fingerprinting. Furthermore, this information can also benefit Google during debugging. This would be a violation of the Digital Markets Act (DMA). I'll extract the relevant information in a blog post. Continue reading

Posted in browser, Security | Tagged , | Leave a comment

Advertising

Outlook to Exchange auto-discovery and the duplicate .com.com domain

Mail[German]I'm posting a curious reader observation here in the blog. It's about the auto-discovery of e-mail recipients in Outlook via the auto-discovery service in Microsoft Exchange. One reader noticed a crude problem in this context. Someone seems to have registered a subdomain that ends with .de.de and has been configured for autodiscover requests. The question arises as to why this approach was chosen – and whether a reader has a logical explanation. It certainly smells like cyber fraud to me.

Continue reading

Posted in Allgemein, Security, Software | Tagged , , | Leave a comment

How to find weak passwords in Active Directory and eliminate them with PowerShell

[Sponsored Post]Weak or compromised passwords are a known gateway for attackers. If you are able to identify which users in Active Directory (AD) are threatened by this, then PowerShell can help to remedy it. However, PowerShell scripts cannot eliminate basic AD deficits, other tools are needed for this. More ...

Windows: Runtime-Error "This action is only valid for products that are currently installed"

Windows[German]A blog reader contacted me by e-mail a few days ago because he was facing a problem. Various programs cannot be installed on his Windows (in this case the phonostar client and UnigetUI). The installation is aborted with a runtime error and the message that the installation is only valid for products that are installed. I'll take up the problem here in the blog, maybe one or the other reader is affected. Continue reading

Posted in issue, Software, Windows | Tagged , , | Leave a comment

Advertising

Windows 10/11 updates (e.g. KB5040442) trigger Bitlocker queries (July 2024)

Windows[German]The security updates rolled out on the July 2024 patchday (e.g. KB5040442 for Windows 11, but also for the Windows 10 counterpart), there are issues on systems on which Bitlocker is activated. I got reports from several German blog readers, reporting that the systems suddenly ask for a Bitlocker key (the recovery key).

Continue reading

Posted in issue, Update, Windows | Tagged , , , , | Leave a comment

Windows July 2024 updates break remote connections

Windows[German]There are isolated reports of issues in Windows caused by the June 2024 patchday security updates. Under Windows Server 2012 R2, there is a report that the Remote Desktop Virtualization Host Agent service under Hyper-V is broken (albeit due to the June 2024 update). And under Windows Server 2022, the Remote Desktop Gateway service is broken on some systems and crashes regularly. Remote connections are then no longer possible.

Continue reading

Posted in issue, Update, Windows | Tagged , , , | 2 Comments

Advertising

Outlook 365 reports conflict error when updating or canceling meetings

[German]Since the beginning of June 2024, Microsoft and Outlook users have been struggling with a nasty bug that makes managing meetings a pain. Whenever a user wants to update or cancel a meeting, they are met with a conflict error. Following a tip from a reader, I would like to take this up briefly in the blog.

Continue reading

Posted in issue, Office | Tagged , | Leave a comment

Windows 11 update KB5040442 causes issues with Outlook 2021

[German]Quick question for the readership: Are there any problems with Windows 11 23H2 if the preview update KB5039302 from June 2024 or the security update KB5040442 from July 2024 is installed? I have received reports that links can no longer be opened in Outlook 2021. There are also problems with third-party applications that rely on Outlook and the MAPI interface.

Continue reading

Posted in issue, Office, Update, Windows | Tagged , , , , | Leave a comment

Microsoft Office Updates (July 9, 2024)

Update[German]On July 9, 2024 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for Microsoft Office 2016, as well as the C2R variants (Office 2016-2021 and 365) and other products. Below you will find an overview of the available updates. Continue reading

Posted in Office, Security, Update | Tagged , , , | Leave a comment

Advertising

Blast RADIUS attack enables RADIUS authentication to be bypassed

Sicherheit (Pexels, allgemeine Nutzung)[German]A vulnerability (CVE-2024-3596) discovered by security researchers makes it possible to log into a network using the RADIUS network authentication protocol without further authentication. The vulnerability, called Blast-RADIUS, could jeopardize network security in companies because RADIUS network authentication can be circumvented.

Continue reading

Posted in Security, Software, Windows | Tagged , , | Leave a comment

Windows Server 2012 / R2 und Windows 7 (July 9, 2024)

Windows[German]Various security updates for Windows Server 2012/R2 (1st ESU year) were published on July 9, 2024. Support for Windows 7 SP1 and Windows Server 2008 R2 expired in January 2024. However, updates for Windows Embedded Standard 7 can be downloaded from the Microsoft Update Catalog. Here is an overview of these updates for Windows Server 2012/R2 and Windows Embedded Standard 7. Continue reading

Posted in Security, Update, Windows | Tagged , , , , | Leave a comment