Blogs
Links
Archives
Categories
Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Sponsors
(Paypal-Donations)Recent Comments
- EP on Edge version 124.0.2478.51 causes issues with http pages
- GM on Windows Server 2016: AD problems after updates KB5034862 and KB5034767 (Feb. 2024)
- José Roberto on Google account blocked and police action because of toddler photos for the doctor
- Anonymous on WSUS displays all Windows 11 clients as Windows 10 Enterprise
- GordK on Windows 10: Workaround for jumping explorer view
Meta
Recent Comments
- EP on Edge version 124.0.2478.51 causes issues with http pages
- GM on Windows Server 2016: AD problems after updates KB5034862 and KB5034767 (Feb. 2024)
- José Roberto on Google account blocked and police action because of toddler photos for the doctor
- Anonymous on WSUS displays all Windows 11 clients as Windows 10 Enterprise
- GordK on Windows 10: Workaround for jumping explorer view
Archives
Categories
Meta
Category Archives: Security
Microsoft's new Store app installer with telemetry wrapper as a security trap
[German]I just reported how the Store team has started repackaging Store apps. An executable .NET wrapper is slapped around the store apps, which smuggles telemetry and other code into the app. This is intended to simplify the installation of store … Continue reading
Advertising
Windows print spooler vulnerability CVE-2022-38028 preferred attack vector for Russian attackers
[German]The old print spooler vulnerability CVE-2022-38028 in Windows is probably the preferred target of the Russian hacker group Fancy Bear. This was revealed by Microsoft's analysis of an attack tool ('GooseEgg' malware). However, this attack vector can no longer be … Continue reading
How to find weak passwords in Active Directory and eliminate them with PowerShell
[Sponsored Post]Weak or compromised passwords are a known gateway for attackers. If you are able to identify which users in Active Directory (AD) are threatened by this, then PowerShell can help to remedy it. However, PowerShell scripts cannot eliminate basic AD deficits, other tools are needed for this. More ...
US cyber expert: Microsoft is a national security risk
[German]Lousy security culture, products as full of holes as a Swiss cheese, but "to big to fail and everyone is dependent". That's a description of Microsoft – not mine, but the tenor of the statements made by the former White … Continue reading
Advertising
Data leak at Chinese manufacturer reveals information on surveillance devices
A Chinese manufacturer has inadvertently disclosed the data of surveillance devices. An unsecured database, which was freely accessible on the internet, contained 3 billion data records with details of surveillance systems from Chinese manufacturer Raysharp. Advertising
Critical PuTTY vulnerability CVE-2024-31497 leaks private keys
[German]The free software PuTTY can be used to establish connections via Secure Shell, Telnet, remote login or serial interfaces with a server. However, there is a critical vulnerability in the software in question (CVE-2024-31497) that can be used to reconstruct … Continue reading
Advertising
US CISA orders admins in authorities to mitigate the cyber risks of the Microsoft Cloud
[English]On April 2, 2024, the US cybersecurity authority CISA issued a directive to the administrators of US authorities requiring them to "mitigate" or eliminate the cyber risks posed to customers by a hack of the Microsoft Cloud or the Microsoft … Continue reading
Unsecured Microsoft Azure Server exposes passwords etc. of Microsoft systems (Feb. 2024)
[German]Security researchers from SOCRadar have discovered an unsecured storage server on Microsoft Azure on which internal information about Microsoft's Bing search engine was stored. Well, the storage server, which was freely accessible to anyone, only contained unimportant stuff from Microsoft … Continue reading
Microsoft Office Updates (April 9, 2024)
[German]On April 9, 2024 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for Microsoft Office 2016, as well as the C2R variants (Office 2016-2021 and 365) and other products. Below you will find an overview of … Continue reading
Advertising
Windows Server 2012 / R2 and Windows 7 (April 9, 2024)
[German]Various security updates for Windows Server 2012/R2 (1st ESU year) were published on April 9, 2024. Support for Windows 7 SP1 and Windows Server 2008 R2 expired in January 2024. However, updates for Windows Embedded Standard 7 can be downloaded … Continue reading
Posted in Security, Update, Windows
Tagged Patchday 4.2024, Security, Update, Windows
Leave a comment
Patchday: Windows 11/Server 2022-Updates (April 9, 2024)
[German]On April 9, 2024 (second Tuesday of the month, patch day at Microsoft), Microsoft also released cumulative updates for Windows 11 23H2 to 21H2. Windows Server 2022 and Windows Server 23H2 also received updates. Here are some details about these … Continue reading
Posted in Security, Update, Windows
Tagged Patchday 4.2024, Security, Server 2022, Update, Windows 11
Leave a comment
