Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Monthly Archives: September 2021
Windows 11 Insider Build 22454 and ISO installation image (Sept. 2021)
[German]Microsoft has released Windows 11 build 22454 for Windows Insiders as a preview in the Dev Channel on September 9, 2021 – just under a month before the general release on October 5, 2021. Now this build is also available … Continue reading
Google Project Zero: 0-day vulnerability in Windows AppContainers disclosed
[German]Another brief addendum to a topic that has been on my stack for a few days already. James Forshaw from Google Project Zero disclosed a vulnerability in Windows AppContainers as early as mid-August 2021, which allows communication via the firewall … Continue reading
0-day attack via Zoho vulnerability; patching is required
[German]The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns that hackers are exploiting a critical vulnerability in Zoho's password management solution ManageEngine ADSelfService Plus. The vulnerability allows attackers to take control of the system. The vendor has provided a security … Continue reading
Data leak with 87,000 FortiGate SSL VPN credentials used for attacks
[German]Another short information for administrators of FortiGate installations, which has been dangling with me for a few days. Unknown persons have created a collection of 87,000 FortiGate SSL-VPN credentials, which they are now using specifically to attack corresponding installations. CERT-Bund … Continue reading
MSHTML vulnerability CVE-2021-40444 more critical than known
[German]A few days ago, Microsoft disclosed a security advisory for the CVE-2021-40444 vulnerability in the MSHTML component included in Windows. It said there was an attempt to exploit the vulnerability in the wild via crafted Office documents. But Office users … Continue reading
Check Point discovers WhatsApp vulnerability in image filter
[German]Another brief security information for the few remaining WhatsApp users. Security researchers from Check Point have discovered a vulnerability in the WhatsApp image filter function that hackers could exploit. In the meantime, however, this vulnerability has been fixed with an … Continue reading
Next Azure container vulnerability allowed data theft
[German]Microsoft issued a warning to its Azure customers about a security vulnerability that could have allowed hackers to access data. The punchline: It involved containers whose code had a known vulnerability that had not been patched. Microsoft has now updated … Continue reading
WordPress 5.8.1 released
[German]WordPress 5.8.1 has been released as a maintenance update on September 8, 2021. The update fixed three vulnerabilities in WordPress versions between 5.4 and 5.8. Therefore, older were all WordPress versions since 5.4 also updated. Furthermore, a number of bugs … Continue reading
GhostScript 0-day vulnerability allows server compromise
[German]An unpatched vulnerability exists in GhostScript (up to v 9.50) that allows privilege escalation. Servers running the ImageMagick program are particularly at risk. These could be taken over by attackers. The vulnerability was discovered a year ago, but allegedly not … Continue reading
Attack via Office Documents on Microsoft MSHTML (ActiveX) RCE Vulnerability (CVE-2021-40444)
[German]Microsoft has issued a warning about the remote code execution vulnerability CVE-2021-40444 as of September 7, 2021. In campaigns, this vulnerability, which targets the MSHTML component of Internet Explorer, is exploited via compromised Office documents. Microsoft provides guidance on mitigating … Continue reading
Posted in browser, Office, Security, Windows
Tagged Internet Explorer, Office, Security, Windows
Leave a comment