Category Archives: Security

SQL Server 2016 SP2: Update KB4293807 pulled

[German]A brief information for administrators: Microsoft released the security update KB4293807 for SQL Server 2016 SP2 on August 14, 2018. But this update has already been pulled. Addendum: Update revision KB4458621 has been released on August 19, 2018.

Posted in Security, Update | Tagged , , , | 1 Comment

Advertising

Windows 10 and the OneDrive vulnerabilities – Part 3

[German]In Part 1 and Part 2 of my article series I described the vulnerabilities in Microsoft’s OneDrive client (addressing the location of program files in the unprotected profile folder and the use of outdated open source libraries with known vulnerabilities). … Continue reading

Posted in Security, Windows | Tagged , , | Leave a comment

Windows 10 and the OneDrive vulnerabilities – Part 2

[German]In part 1 of my article series about vulnerabilities in OneDrive client I mentioned, the location of the program files in the unprotected profile folder. But Microsoft developers have made further mistakes, such as using outdated open source libraries with … Continue reading

Posted in Security, Software, Windows | Tagged , , | Leave a comment

Windows 10 and the OneDrive vulnerabilities – Part 1

[German]This article is about the OneDrive client that Microsoft delivers with Windows 10. The way, how Microsoft’s developers has implemented this client, leaves several vulnerabilities. Here are a few details about an investigation.

Posted in Security, Software, Windows | Tagged , , | Leave a comment

Firefox Addon Stylish is back ….

[German]Dead ones live longer. The Stylish addon, with which you can give websites their own style, is back for Firefox. Great development, here’s some background information you need to know. 

Posted in browser, Security | Tagged , | Leave a comment

Advertising

Firefox addon Web Security transfers private data

[German]It isn’t a nice story so far: Mozilla’s developers have recommended the addon Web Security for a short time to protect privacy and to secure the browser. However, this addon transmits the URLs and other (possibly private or sensitive) data … Continue reading

Posted in browser, Security | Tagged , | Leave a comment

Microsoft Security Advisory Notification (August 14, 2018)

On August 14, 2018, Microsoft published two more Security Advisory Notifications dealing with the newly discovered vulnerabilities (L1TF). Addendum:  Security Advisory from August 15, 2018 added.

Posted in Security | Tagged | Leave a comment

Microsoft Patchday: Other Updates (August 14, 2018)

[German]On August 14, 2018 (patchday) Microsoft has released further updates for Internet Explorer, Windows Server, etc. This blog post contains details of selected patches that are not included in the remaining articles linked at the end of this blog post. 

Posted in Security, Software, Update | Tagged , , , , | Leave a comment

Patchday Microsoft Office Updates (August 14, 2018)

[German]On August 14, 2018 (second Tuesday of the month, patchday at Microsoft), Microsoft has released several security-related updates for still supported Microsoft Office versions and products such as Sharepoint.

Posted in Office, Security, Update | Tagged , , | Leave a comment

Foreshadow (L1TF) Intel CPU vulnerabilities

[German]Since a few hours details about the next vulnerabilities in Intel CPUs from the Next Generation Spectre series are public. Details on the Foreshadow (aka L1 Terminal Fault) vulnerability and the other L1 Terminal Fault variants were published on Usenix … Continue reading

Posted in Linux, Security, Software, Virtualization, Windows | Tagged , , | Leave a comment