Exchange Online Delicensing Resiliency: Protection against unintentional delicensing actions

Posted on 2024-11-19 by guenni

Exchange Logo[German]Microsoft introduced the "Exchange Online Delicensing Resiliency" feature in Exchange Online at the beginning of November 2024. This allows administrators to protect Exchange Online mailboxes from unintentional de-licensing by granting a 30-day grace period for license removal. Here is some information about this new feature.

Continue reading

Posted in Cloud, Software | Tagged , , | Leave a comment
Advertising

Vulnerabilities in Netwrix PingCastle Pro/Enterprise (Nov. 2024)

Posted on 2024-11-18 by guenni

Stop - Pixabay[German]Brief information for administrators and IT service providers who use PingCastle (now part of Netwrix) to analyze Active Directory security. Due to vulnerabilities in the code, older versions of the Enterprise and Pro editions of the tool should no longer be used for security reasons. Netwrix has updated PingCastle Enterprise and Pro to version 3.3.0.1 o to close the vulnerabilities.

Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Microsoft 365 MFA mandatory for admins from Feb. 3, 2025

Posted on 2024-11-17 by guenni

[German]Quick note for administrators of Microsoft 365 tenants. As of February 3, 2025, Microsoft will begin enforcing multifactor authentication (MFA) for access to the Microsoft 365 Admin Center. The option to suspend this MFA for 14 days will then be removed for the tenants concerned.
Continue reading

Posted in Cloud, Security | Leave a comment

3CX V18 with NFR license: Update to V20 mandatory since Nov. 15, 2024

Posted on 2024-11-16 by guenni

Update[German]Brief information for IT supporters who use 3CX as a telephone system. The provider has probably significantly reduced the functionalities of 3CX version 18 in the NFR license as of 15 November 2024. Anyone wishing to use the full functionality must switch to version 20 or purchase a Pro version. However, 3CX V20 is still said to be quite buggy, as one reader pointed out.

Continue reading

Posted in issue, Software | Tagged | Leave a comment

CISA warns about attacks on 0 day vulnerability in Palo Alto Networks firewalls

Posted on 2024-11-16 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]An unpatched vulnerability (0-day) exist in the firewalls of Palo Alto Networks. The management interface can be accessed via this vulnerability. This 0-day vulneability is already being exploited for attacks. Both the BSI and the US authority CISA have issued a warning: customers should secure their firewalls immediately.

Continue reading

Posted in devices, Security | Tagged , | Leave a comment
Advertising

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Browser trouble II: Nov. 2024 updates for Server 2008/R2 bricks older browsers

Posted on 2024-11-16 by guenni

[German]Microsoft seems to have released security updates for Windows Server 2008 R2 on November 12, 2024. Anyone who had these updates installed subsequently found that the older browsers that could previously be used on these machines no longer work. However, there is now a workaround to get a browser working again. However, this is more of an exotic problem, as there are probably only a few Windows Server 2008 R2 machines still running.
Continue reading

Posted in browser, issue | Tagged , , , | Leave a comment
Advertising

Exchange 2016/2019 now warns against exploiting the spoofing vulnerability CVE-2024-49040 in emails

Posted on 2024-11-16 by guenni

Exchange Logo[German]Microsoft's November 2024 security updates for Exchange, has added a new feature to its Exchange 2016 and Exchange 2019 servers. Microsoft Exchange now warns when receiving emails that exploit a spoofing vulnerability (Exchange Server non-RFC compliant P2 FROM header detection CVE-2024-49040). The only problem is that the security updates from November 2024 have currently been stopped.

Continue reading

Posted in Security, Software, Update | Tagged , , , | Leave a comment

Browser trouble I: Edge tries again to import Google Chrome tabs (Nov. 2024)

Posted on 2024-11-15 by guenni

Edge[German]Brief addendum from this week. Microsoft has once again resorted to dirty tricks to force its users onto the Edge browser. The Edge browser is trying to take over the settings for tabs from the Chrome browser.

Continue reading

Posted in browser, issue | Tagged , | 1 Comment
Advertising

Vulnerability in CrushFTP; update recommended

Posted on 2024-11-15 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Quick note to users who use CrushFTP. A blog reader has informed me that a serious vulnerability has been discovered ans has been made public on November 11, 2024. However, there are updates in which this vulnerability, for which no CVE seems to exist yet, is closed. Here are a few details what needed to know.

Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Facebook: EU imposes 797.72 million euro fine

Posted on 2024-11-15 by guenni

[German]The EU Commission has fined Meta €797.72 million for tying its online classifieds service Facebook Marketplace to its personal social network Facebook and imposing unfair trading conditions on other providers of online classifieds services.

Continue reading

Posted in General | Tagged | Leave a comment