Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Risk: Embedded videos in Word documents?
[German]Security experts warn of risks in Word documents. Embedded videos can be misused for attacks. The XML format of .docx files can be misused to download dubious JavaScript code.
Bing/Edge directed Chrome-Fans to Phishing sites
[German]A worrying thing that may have happened in the USA. Users looking for a Google Chrome download in Microsoft Edge on Windows 10 were occasionally redirected to a page offering unwanted software (PUP).
Linux: Vulnerability CVE-2018-15688 in Systemd
[German]A vulnerability in the systemd component of some Linux distributions can be exploited over the network. A single DHCPv6 package is enough to provoke a crash or more.
Surface Pro 3: Vulnerability in TPM chip–update required!
[German]Microsoft have been used TPM chips from Infineon in Surface Pro 3. These chips probably contain vulnerabilities in some versions. Affected owners of a Surface Pro 3 should therefore install an TPM update.
Windows Defender in a sandbox
Microsoft has added an additional security feature to the Windows Defender included in Windows 10. Defender can be run in a protected sandbox environment from Windows 10 V1703 onwards.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Win 10: Bug in UWP API enables access to user data/file
[German]There is discussion that a design flaw (a bug) within the Universal Windows Platform API allows UWP app developers to access arbitrary user data. In Windows 10 V1809, Microsoft has tried to mitigate the bug – but then UWP apps … Continue reading
Posted in issue, Security, Windows
2 Comments
Windows 10: 0-Day-Exploit in Microsoft Data Sharing
[German]Twitter user @SandboxEscaper has once again disclosed a zero-day exploit in Windows 10 (and the server editions) and published a proof of concept (PoC) on GitHub. It concerns the Microsoft Data Sharing library dssvc.dll, which allows an extension of rights..
Critical vulnerabilities in NAS devices from WD, NetGear, SeaGate, and Medion
[German]Bad news for owners of NAS systems (WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS). Security researchers have found several critical vulnerabilities within this devices.
Microsoft Security Update Releases (Oct. 19, 2018)
Microsoft released on October 19, 2018, an update to its security descriptions for October 10, 2018, updates. There is a new note about Yammer Desktop application.
Windows 10 19H1 with Retpoline Spectre V2 Mitigation
[German]Surprise in Windows 10 Insider Preview 19H1: The kernel contains the Retpoline technology to protect it from Spectre V2 attack. This is to minimize the power loss caused by this protection.