Category Archives: Security

Microsoft Security Update Releases (Oct. 19, 2018)

Microsoft released on October 19, 2018, an update to its security descriptions for October 10, 2018, updates. There is a new note about Yammer Desktop application.

Posted in Security | Tagged | Leave a comment

Advertising

Windows 10 19H1 with Retpoline Spectre V2 Mitigation

[German]Surprise in Windows 10 Insider Preview 19H1: The kernel contains the Retpoline technology to protect it from Spectre V2 attack. This is to minimize the power loss caused by this protection.

Posted in Security, Windows | Tagged , | Leave a comment

Windows: RID Hijacking allows guests to become an Admin

[German]It seems that all Windows versions contains a kind of ‘vulnerability’ which allows to transfer user rights (administrator privileges) from another account to a Windows guest account. This is called RID hijacking, and has been known for at least 10 … Continue reading

Posted in Security, Windows | Tagged , | 2 Comments

Microsoft Security Update Releases (Oct 17, 2019)

Microsoft has published a revised security update notification as of October 17, 2018, which I would like to briefly describe below. It is about MFC in connection with the cumulative update 11 for Exchange Server 2016 (KB4134118) and the SQL … Continue reading

Posted in Security, Update | Tagged , | Leave a comment

D-Link router can be compromised

[German]Does anyone use a D-Link router? In eight models, there are several security vulnerabilities that can be used to completely compromise the devices. 

Posted in devices, Security | Tagged , | Leave a comment

Advertising

Oracle Critical Patch Update October 16, 2018

[German]Oracle has released a number of critical updates for its products as of October 16, 2018. Here is an overview of these updates.

Posted in Security, Software, Update | Tagged , , , | Leave a comment

Adobe and Intel Security Update Review October 9, 2018

[German]Besides the Microsoft patchday, Adobe has released a new batch of security updates (apart from Flash) on October 9, 2018. And there are also security advisories from Intel from October 9, 2018, which I haven’t mentioned within the blog yet.

Posted in Security, Software, Update | Tagged , | Leave a comment

FOSS LinuxBoot replaces UEFI on servers

[German]Vendors using Linux-Servers intends to move away from proprietary hardware with UEFI, Intel ME & Co. The free LinuxBoot is the answer to the UEFI glue of the commercial manufacturers, but is limited to the server area. Here is some … Continue reading

Posted in devices, Linux, Security | Tagged , , | Leave a comment

Windows: CVE-2018-8423; CVE-2018-8453, CVE-2018-8495

[German]In October 2018, Microsoft patched some vulnerabilities in Windows with updates. The vulnerability CVE-2018-8495 is now being actively exploited. For the (probably incompletely patched) vulnerability CVE-2018-8495 a Proof-of-Concept (PoC) is now available. And the vulnerability CVE-2018-8423 was probably patched. Here … Continue reading

Posted in Security, Update | Tagged , , | Leave a comment

DOM-XSS bug putsTinder, Shopify, Yelp & Co. at risk

Users of Tinder, Shopify, Yelp and others are threatened in their security. Security researchers at vpnMentor have discovered a DOM-XSS bug that allows them to extract information about other users via apps or websites concerned. Potentially 685 million users are … Continue reading

Posted in Security | Tagged | Leave a comment