Category Archives: Security

Outlook add-in steals ~ 4,000 login and payment details

Posted on 2026-02-15 by guenni

Add-ins are ubiquitous as "software helpers." But there is a constant risk that such add-ins will suddenly have malicious functions implanted in them. A once popular Outlook add-in stole 4,000 login details and payment details after the developer abandoned the … Continue reading

Posted in Office, Security | Tagged , | Comments Off on Outlook add-in steals ~ 4,000 login and payment details

What will happen when Windows Secure Boot certificates expire in June 2026?

Posted on 2026-02-13 by guenni

In June 2026, UEFI Secure Boot certificates for Windows will expire. In October 2026, the next UEFI certificate for Secure Boot will expire. Microsoft has been trying to replace this Secure Boot certificate in UEFI for quite some time. In … Continue reading

Posted in Security, Update, Windows | Tagged , , | Leave a comment

Patchday: Microsoft Office Updates (February 10, 2026)

Posted on 2026-02-12 by guenni

On February 10, 2026 (the second Tuesday of the month, Microsoft Patch Day), Microsoft released several security updates for Microsoft Office. This month, a serious vulnerability in Word was fixed (see also the blog post Microsoft Security Update Summary (February … Continue reading

Posted in Office, Security, Update | Tagged , , , | Leave a comment

Ivanti EPMM vulnerability CVE-2026-1281; EU and Dutch authorities hacked

Posted on 2026-02-11 by guenni

I will summarize some of the findings from the last few days regarding vulnerabilities in Ivanti Mobile Device Management (EPMM). In this context, there was also an attack on the EU Commission and an attack on the data protection authority … Continue reading

Posted in Security, Software | Tagged , , , | Leave a comment

Patchday: Windows Server Updates (February 10, 2026)

Posted on 2026-02-11 by guenni

On February 10, 2026 (the second Tuesday of the month, Microsoft's patch day), various cumulative updates were released for the supported versions of Windows Server. Below, I have listed the updates provided, along with some details for these Windows Server … Continue reading

Posted in Security, Update, Windows | Tagged , , , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Microsoft Office 0-day vulnerability CVE-2026-21509; Emergency updates available

Posted on 2026-01-27 by guenni

Microsoft Office 2016 to 2024 and Office 365 apps contain a zero-day vulnerability (CVE-2026-21509) that is being actively exploited in attacks. On January 26, 2026, Microsoft published initial information (also about mitigations) and emergency updates for Microsoft Office.

Posted in Office, Security, Update | Tagged , , | Leave a comment

Windows 11 24H2/25H2: Citrix Director / Remote Assist fails with update KB5074109

Posted on 2026-01-16 by guenni

Brief information for administrators of Citrix Virtual Desktop environments. I received several reports, that after installing security update KB5074109 from January 13, 2025, for Windows 11 24H2 or 25H2, Citrix Director failed to work. The reason is, that Microsoft Remote … Continue reading

Posted in issue, Security, Update, Windows | Tagged , , , | Leave a comment

Scam: Uphold 'security incident' via third-party provider?

Posted on 2025-12-23 by guenni

I was "informed" yesterday by email titled "Third-Party Data Breach Affecting Uphold Users", claiming, that there had been a "data breach" at a third-party provider affecting Uphold users. Uphold is a platform that provides a wallet for cryptocurrency. But this … Continue reading

Posted in Security | Tagged , | Leave a comment

Virtualbox 7.1.12 and 7.2.2: Vulnerability CVE-2025-62641

Posted on 2025-10-25 by guenni

[German]It has just been announced that Virtualbox 7.1.12 and 7.2.2 contain the CVE-2025-62641 vulnerability. This could allow attackers to take over the host. There are also other vulnerabilities in these versions. Virtualbox 7.1.14 and 7.2.4 provide a remedy.

Posted in Security, Software, Virtualization | Tagged , , | Leave a comment

Critical vulnerability CVE-2025-54236 in Adobe Commerce (Magento)

Posted on 2025-10-25 by guenni

[German]A critical vulnerability, CVE-2025-54236, has been found in Adobe Commerce software (formerly Magento). Adobe Commerce allows unauthenticated attackers to upload files and, ultimately, even take over accounts. The vulnerability has been assigned a CVSS 3.1 score of 9.1 (on a … Continue reading

Posted in Cloud, Security, Software | Tagged , , , | Leave a comment