Tag Archives: Security

Windows 10 19H1 with Retpoline Spectre V2 Mitigation

[German]Surprise in Windows 10 Insider Preview 19H1: The kernel contains the Retpoline technology to protect it from Spectre V2 attack. This is to minimize the power loss caused by this protection.

Posted in Security, Windows | Tagged , | Leave a comment

Advertising

Windows: RID Hijacking allows guests to become an Admin

[German]It seems that all Windows versions contains a kind of ‘vulnerability’ which allows to transfer user rights (administrator privileges) from another account to a Windows guest account. This is called RID hijacking, and has been known for at least 10 … Continue reading

Posted in Security, Windows | Tagged , | 2 Comments

Microsoft Security Update Releases (Oct 17, 2019)

Microsoft has published a revised security update notification as of October 17, 2018, which I would like to briefly describe below. It is about MFC in connection with the cumulative update 11 for Exchange Server 2016 (KB4134118) and the SQL … Continue reading

Posted in Security, Update | Tagged , | Leave a comment

D-Link router can be compromised

[German]Does anyone use a D-Link router? In eight models, there are several security vulnerabilities that can be used to completely compromise the devices. 

Posted in devices, Security | Tagged , | Leave a comment

Oracle Critical Patch Update October 16, 2018

[German]Oracle has released a number of critical updates for its products as of October 16, 2018. Here is an overview of these updates.

Posted in Security, Software, Update | Tagged , , , | Leave a comment

Advertising

Adobe and Intel Security Update Review October 9, 2018

[German]Besides the Microsoft patchday, Adobe has released a new batch of security updates (apart from Flash) on October 9, 2018. And there are also security advisories from Intel from October 9, 2018, which I haven’t mentioned within the blog yet.

Posted in Security, Software, Update | Tagged , | Leave a comment

FOSS LinuxBoot replaces UEFI on servers

[German]Vendors using Linux-Servers intends to move away from proprietary hardware with UEFI, Intel ME & Co. The free LinuxBoot is the answer to the UEFI glue of the commercial manufacturers, but is limited to the server area. Here is some … Continue reading

Posted in devices, Linux, Security | Tagged , , | Leave a comment

Windows: CVE-2018-8423; CVE-2018-8453, CVE-2018-8495

[German]In October 2018, Microsoft patched some vulnerabilities in Windows with updates. The vulnerability CVE-2018-8495 is now being actively exploited. For the (probably incompletely patched) vulnerability CVE-2018-8495 a Proof-of-Concept (PoC) is now available. And the vulnerability CVE-2018-8423 was probably patched. Here … Continue reading

Posted in Security, Update | Tagged , , | Leave a comment

DOM-XSS bug putsTinder, Shopify, Yelp & Co. at risk

Users of Tinder, Shopify, Yelp and others are threatened in their security. Security researchers at vpnMentor have discovered a DOM-XSS bug that allows them to extract information about other users via apps or websites concerned. Potentially 685 million users are … Continue reading

Posted in Security | Tagged | Leave a comment

Microsoft Patchday: Further Updates October 9, 2018

[German]As of October 9, 2018 (Patchday) Microsoft has released further updates for Internet Explorer, Windows Server, etc.. In this blog post the respective patches are added, which are not included in the remaining posts linked at the end of the … Continue reading

Posted in Security, Update | Tagged , , | Leave a comment