Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Exchange Server: 80% not patched against CVE-2020-0688
[German]Very nasty: A patch against the Remote Code Execution (RCE) vulnerability CVE-2020-0688 in Microsoft's Exchange Server has been available since February 2020. But 80% of publicly available Microsoft Exchange Servers are not patched. However, the advice 'patch your server' is … Continue reading
Warning: HP Support Assistant with vulnerabilities
[German]Users of HP computers should respond. The HP Support Assistant installed on many machines running Windows has security vulnerabilities that are not closed by auto-update. Whether the HP patch released at the beginning of April 2020 closes all vulnerabilities is … Continue reading
Security concerns: Zoom banned in some US schools
[German]Some US schools have now forbidden their teachers to continue using the Zoom service. The reason is security concerns and the recommendation is to switch to Microsoft Teams.
Emotet Trojan can overload computers on the network
[German]An infection with the Emotet malware can slow down an entire corporate network because the CPUs of Windows devices are being used to their maximum capacity, bringing network and internet traffic down to zero.
Google rolls back (temporarily) SameSite Cookie Changes
Due to the COVID-19 pandemy Google announced, that they are rolling back (temporarily) the SameSite Cookie changes, that has been introduced in Chrome 80 in February. Furhter details may be read within this Google blog post.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
0patch fixes Windows 7 LNK vulnerability CVE-2020-0729
[German]ACROS Security has released a micro patch for the "Stuxnet-like" LNK RCE vulnerability CVE-2020-0729. This is micro patch is available via the 0patch agent for unpatched Windows 7 SP1 and Windows Server 2008 R2 systems.
Posted in Security, Windows
Tagged 0patch, CVE-2020-0729, Security, Windows 7, Windows Server 2008 R2
Leave a comment
AdwCleaner 8.0.4 closes again a DLL Hijacking vulnerability
[German]On March 3, 2020, Malwarebytes released the tool AdwCleaner 8.0.4. It's a maintenance release. The update fixes a DLL hijacking vulnerability that I reported to the developers.
Chrome 80.0.3987.162 released (March 31, 2020)
[German]Google's developers have released version 80.0.3987.162 of the Chrome browser (heise specifies 80.0.3987.163 here). This is a security update which should close three vulnerabilities. The new Chrome version 80.0.3987.122 is available for Windows, Mac and Linux and is rolled out … Continue reading
Hackers infects thousands of MS SQL servers with backdoors
[German]Unknown hackers are running a campaign (running since May 2018) against Microsoft SQL-Server. The group succeeds in providing thousands of these SQL servers with a backdoor every day. There seems to be a whole botnet of infected SQL servers running … Continue reading
Mitigating Windows 0-day ADV200006 via GPO
[German]Small hint for administrators of large Windows environments in the Active Directory environment who need to plug the ADV200006 0-day vulnerability. Mitigation is possible using Group Policy.