Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Windows: 0Patch Micropatch for MOTOW ZIP file bug (0-day, no CVE)
[German]Since May 2022, a bug has been known to exist in Windows that prevents the "Mark of the Web" flag from being set for files extracted from ZIP archives. Microsoft itself has not yet released a patch for this 0-day … Continue reading
WordPress 6.0.3 released
I just received a message that a maintenance update to WordPress 6.0.3 has been released. This update closes some vulnerabilities, which are described here. Here the update has worked without any noticeable issues.
Warning: Phishing Mail from "Microsoft" suggesting a password change
[German]Warning regarding a new phishing campaign that a blog reader alerted me to via email today (October 17, 2022). The mail apparently comes from Microsoft and claims that the password for the email account has been changed. If one had … Continue reading
Windows Update KB5012170 (Secure Boot DBX) re-released for WSUS (Oct. 2022)
[German]Brief information for administrators in the Windows environment. A reader just informed me that Windows Update KB5012170 has been re-released in WSUS. This update was released on Patchday, August 9, 2022 to fix issues in Secure Boot DBX. However, this … Continue reading
Microsoft confirms: Windows fails to detect dangerous drivers – block lists not updated
[German]Windows 10/11 and its server pendants should block known, malicious drivers when they are loaded, so that they cannot cause any damage, as Microsoft has claimed for years. Now, Microsoft has secretly admitted that they made a mistake there. Because … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
LockSmith: Search for AD Certificate Services misconfigurations via PowerShell script
[German]Small tip for administrators of an Active Directory environment on Windows Server. There is a small PowerShell script to identify and fix common misconfigurations in Active Directory Certificate Services. I became aware of the tool via this tweet. he tool … Continue reading
Edge 106.0.1370.47 – does the browser causes hard disk accesses?
[German]Microsoft has updated the Edge browser in the stable channel to version 106.0.1370.47 as of October 14, 2022. Is a security update, which should iron out the vulnerabilities fixed in Chrome. However, there are reports that Edge constantly writes to … Continue reading
BlackByte ransomware disables security solutions via Windows drivers
[German]The developers of the BlackByte ransomware exploit a vulnerability in a legitimate Windows driver (from Micro-Star's MSI AfterBurner 4.6.2.15658) to bypass security solutions. Security researchers from Sophos recently pointed this out in a report. This technique is known as BYOVD … Continue reading
Microsoft back ports brute force protection of administrator accounts for Windows
[German]Microsoft has back ported a group policy from Windows 11/Windows Server 2022, to protect local administrator accounts against brute-force attacks, to all supported Windows versions. This feature will be available with the Windows security updates released on October 11, 2022. … Continue reading
Fortinet Advisory about an authentication bypass vulnerability CVE-2022-40684
[German]There is an authentication bypass vulnerability CVE-2022-40684 in the FortiGate firewalls, FortiProxy web proxies and FortiSwitch Manager (FSWM) that allows attackers to access the products without authentication. Fortinet had already warned in early October 2022 – but attacks on the … Continue reading