A small reminder about last week: Windows 10 Mobile version 1709 (the ‘latest version’) received its last security update on 10.12.2019. Microsoft had internally changed the documentation so that the support ends on January 14th, 2020. But after the date has passed, Windows 10 Mobile is finally out of support. Devices with this operating system still work, but they don’t get any more updates.
Microsoft has announced the dates for its Ignite conference in September 2020. The MSIgnite 2020 will start on September 21, 2020, in Orlando Florida (USA) and will continue until September 25, 2020.
[German]Microsoft has issued a security advisory for a 0-day vulnerability in Internet Explorer as of January 17, 2020, which affects virtually all versions of Windows (because Internet Explorer is the browser that is present in those versions). There is an issue in the JScript part that could be exploited to remotely execute code. Here is some information, including how to work around it.
[German]Microsoft has updated the Edge Browser to version 79.0.309.68, so that the vulnerabilities present in Chrome (see Chrome 79.0.3945.130) are also fixed in the Chromium Edge Browser. The issue, that Chromium Edge is installed in a wrong language after download seems also be fixed. (via deskmodder.de).
[German]Microsoft’s parking garages in Redmond, USA, are in trouble. Their car park control system and servers has been unprotected and accessible via the Internet.
[German] Google’s developers have just released Chrome 79.0.3945.130. The browser update closes 11 vulnerabilities in total, but Google don’t reaveal details about that.
[German]Another short collection for administrators who use the Citrix ADC (Application Delivery Controller, formerly Netscaler). The CVE-2019-19781 vulnerability has been exploited. In addition, other vulnerabilities and backdoors have been discovered. As there are no firmware updates available yet (coming next week), those affected will have to go back in and take measures to harden against the vulnerabilities and perform additional testing to ensure that the instances are not infected.
[German]There is a critical vulnerability in the WordPress plugin InfiniteWP Client up to version 1.9.4.4 that allows bypassing authentication. In addition, security researchers have discovered a plugin that allows the mass implementation of user passwords on compromised WordPress installations.
[German]Intel published security advisories on January 14, 2020 on various vulnerabilities in its products. These security advisories refer to fixes or workarounds for vulnerabilities identified in Intel products.
[German]The CyptoAPI vulnerability CVE-2020-0601 in Windows has several proof of concept exploits and is likely to be actively attacked soon. Chrome introduces a check in the browser and there is a test page for this vulnerability.
2013, 2014
2015, 2016
2017
This site is using cookies, see more information
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.
