Category Archives: Security
Microsoft released on October 19, 2018, an update to its security descriptions for October 10, 2018, updates. There is a new note about Yammer Desktop application.
[German]Surprise in Windows 10 Insider Preview 19H1: The kernel contains the Retpoline technology to protect it from Spectre V2 attack. This is to minimize the power loss caused by this protection.
[German]It seems that all Windows versions contains a kind of ‘vulnerability’ which allows to transfer user rights (administrator privileges) from another account to a Windows guest account. This is called RID hijacking, and has been known for at least 10 … Continue reading
Microsoft has published a revised security update notification as of October 17, 2018, which I would like to briefly describe below. It is about MFC in connection with the cumulative update 11 for Exchange Server 2016 (KB4134118) and the SQL … Continue reading
[German]Does anyone use a D-Link router? In eight models, there are several security vulnerabilities that can be used to completely compromise the devices.
[German]Oracle has released a number of critical updates for its products as of October 16, 2018. Here is an overview of these updates.
[German]Besides the Microsoft patchday, Adobe has released a new batch of security updates (apart from Flash) on October 9, 2018. And there are also security advisories from Intel from October 9, 2018, which I haven’t mentioned within the blog yet.
[German]Vendors using Linux-Servers intends to move away from proprietary hardware with UEFI, Intel ME & Co. The free LinuxBoot is the answer to the UEFI glue of the commercial manufacturers, but is limited to the server area. Here is some … Continue reading
[German]In October 2018, Microsoft patched some vulnerabilities in Windows with updates. The vulnerability CVE-2018-8495 is now being actively exploited. For the (probably incompletely patched) vulnerability CVE-2018-8495 a Proof-of-Concept (PoC) is now available. And the vulnerability CVE-2018-8423 was probably patched. Here … Continue reading
Users of Tinder, Shopify, Yelp and others are threatened in their security. Security researchers at vpnMentor have discovered a DOM-XSS bug that allows them to extract information about other users via apps or websites concerned. Potentially 685 million users are … Continue reading