Blogs
Links
Archives
Categories
Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Sponsors
(Paypal-Donations)Recent Comments
- José Roberto on Google account blocked and police action because of toddler photos for the doctor
- Anonymous on WSUS displays all Windows 11 clients as Windows 10 Enterprise
- GordK on Windows 10: Workaround for jumping explorer view
- BradentonDeb2021 on Windows 10: Annoying ads about "End of Support" and for Microsoft account
- BradentonDeb2021 on Windows 10: Annoying ads about "End of Support" and for Microsoft account
Meta
Recent Comments
- José Roberto on Google account blocked and police action because of toddler photos for the doctor
- Anonymous on WSUS displays all Windows 11 clients as Windows 10 Enterprise
- GordK on Windows 10: Workaround for jumping explorer view
- BradentonDeb2021 on Windows 10: Annoying ads about "End of Support" and for Microsoft account
- BradentonDeb2021 on Windows 10: Annoying ads about "End of Support" and for Microsoft account
Archives
Categories
Meta
Tag Archives: Vulnerability
Microsoft Teams: Remote Code Execution (RCE) vulnerability
A little note about security on Microsoft Teams. Two security researchers @adm1nkyj1 and @jinmo123 participated in pwn2own 2022 in Vancouver. There they tried to hack Microsoft Teams, but failed due to time allocation. Both discovered a bug that allowed an … Continue reading
Advertising
Trend Micro Apex One and Office Scan XG vulnerable
[German]Administrators using Trend Micro's Apex One, Apex One as a Service (SaaS) and Office Scan XG products as a protection solution on Windows and macOS need to act. The products are vulnerable through four vulnerabilities, but an update is available. … Continue reading
Posted in macOS, Security, Software, Windows
Tagged Antivirus, Security, Update, Vulnerability
Leave a comment
How to find weak passwords in Active Directory and eliminate them with PowerShell
[Sponsored Post]Weak or compromised passwords are a known gateway for attackers. If you are able to identify which users in Active Directory (AD) are threatened by this, then PowerShell can help to remedy it. However, PowerShell scripts cannot eliminate basic AD deficits, other tools are needed for this. More ...
Windows 10: Critical codec vulnerabilities patched
[German]Microsoft has patched vulnerabilities CVE-2020-1425 and CVE-2020-1457 in the Windows Codecs Library in an emergency update on 30 June 2020. This affects Windows 10 and its Windows Server counterparts. Advertising
Posted in Security, Software, Update, Windows
Tagged Update, Vulnerability, Windows 10, Windows Server
Leave a comment
Advertising
Kr00k: Wi-Fi vulnerability puts millions of devices at risk
[German]Security researchers at ESET have discovered a vulnerability in Broadcom and Cypress WLAN chips that could compromise the WPA2 encryption of millions of devices (routers). Here is some information on the subject. Advertising
Posted in devices, Security
Tagged Broadcom, devices, Security, Vulnerability, Wi-Fi
Leave a comment
Does PayPal fail with security? Vulnerabilities unfixed
[German]Disturbing story just came to me from security analysts. The provider PayPal has had (and still has) vulnerabilities in its system for a month, which were reported in January 2020, but have not yet been fixed. Hackers can abuse them … Continue reading
Advertising
Security: Avira Optimizer allows privilege escalation
[German]Users of the virus protection solution receive the Avira Optimizer installed in newer versions. Up to the version before 1.2.0.367, this contains a vulnerability that allows privileges escalation. The Avira developers have now fixed this vulnerability with the version mentioned … Continue reading
Posted in Security, Windows
Tagged Antivirus, Avira, Security, Vulnerability, Windows
Leave a comment
.SettingContent-ms files put Windows 10 at risk
[German]Microsoft has introduced a new file format (.SettingContent-ms) for Windows 10 in 2015. However, this file format proves to be a weak point, as any commands and applications can be defined for execution via the underlying XML structures. Advertising
Critical vulnerabilities in Microsoft’s Malware Protection Engine (CVE-2017-11937 and CVE-2017-11940)
[German]Microsoft's Malware Protection Engine has a critical memory corruption vulnerability that allows remote code execution. Microsoft released a security advisory on December 6, 2017 and says corresponding security updates are available. Here are what I found out till now. [Update: … Continue reading
Posted in Security, Update, Windows
Tagged Defender, Microsoft Security Essentials, Vulnerability, Windows
2 Comments
Advertising
Critical vulnerability in HPE Integrated Lights-out 4 (iLO 4)
[German]The management software Integrated Lights-out 4 (iLO 4) for HP-Proliant Server has a critical vulnerability, allowing remote code execution on a system without login. Advertising
Posted in devices, issue, Security, Update
Tagged CVE-2017-12542, Update, Vulnerability
Leave a comment
US-CERT warns: Microsoft Windows LNK vulnerability
[German]US-CERT issued a warning: Microsoft Windows automatically executes code specified in shortcut (LNK) files. This allows attackers to execute malware during viewing a lnk file. A public exploit is available. Advertising
