Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Google Chrome/SQLite: New Magellan 2.0 vulnerabilities
[German]In the Google Chrome (Chromium) browser (and other software that uses SQLite), there were some vulnerabilities, called Magellan 2.0, in SQLite, which was closed with the update to Chrome 79.0.3945.79 or with a SQLite code commit of December 13, 2019.
Microsoft enforces secure connections to the Domain Controller from January 2020
[German]Just a brief information for Administrators of domain controllers in the Windows Server environment. As of January 2020, Microsoft requires secure connections to these domain controllers.
Vulnerability in Citrix Apps put companies at risk
[German]A vulnerability exists in the Citrix Application Delivery Controller (ADC) – formerly NetScaler ADC – and in Citrix Gateway – formerly NetScaler Gateway – that could allow attackers to execute abitrary code.
Vulnerability in NVIDIA GeForce Experience App closed
[German]Vendor NVIDIA has closed a chess hole (DDOS or Privilege Escalation) in its NVIDIA GeForce Experience app with an update.
Microsoft Security Advisories Dez. 17, 2019
[German]Microsoft issued two security advisories on December 17, 2019, which warn of vulnerabilities in SharePoint Server and refer to LDAP Channel Binding and LDAP Signing.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Windows Server 2016: Security-Bug in Profile Security Settings
[German]German blog reader Martin Feuerstein pointed out a bug in the security permissions of the default user in Windows Server 2016. I am reporting the details here, maybe somebody else can confirm it.
CERT-Bund/BSI Warning about Emotet-Trojan/Ransomware
[German]In the last few days there have been a number of reports of cyber incidents in German institutions that are attributed to the emotet Trojan/Ransomware. The BSI warns of the danger, especially since spam mail is sent 'on behalf of … Continue reading
AdwCleaner 8.0.1 closes a DLL Hijacking vulnerability
[German]On December 17/18 2019 the tool AdwCleaner 8.0.1 was released by Malwarebytes. This update fixes a DLL hijacking vulnerability I reported to the developers.
Microsoft Security Essentials (MSE) for Windows 7 receive definition updates after January 14, 2020
[German]Microsoft made an U turn. If you run Windows 7 SP1 after January 14, 2020 and use the Microsoft Security Essentials as antivirus software, you will still receive signature updates (against the previous announcement).
Privilege-Escalation-Bug in VMWare
[German]Is VMware virtualization software with VMware Tools installed on Windows systems? Then there is probably a Privilege Escalation vulnerability that can be used by attackers to increase their privileges. Addendum: The tweets announcing the bug were deleted now and the … Continue reading