Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Vulnerability in Palo Alto Networks Firewalls
[German]Here's a security information for administrators using Palo Alto Networks firewalls with PAN-OS . In PAN-OS there are several critical bugs, which enables attackers to gain remote root access to the firewalls.
Vulnerability: Fortinet’s FortiClient leaks VPN client credentials
[German]The NextGeneration Endpoint Protection solution from Fortinet, FortiClient, contains also a VPN client. This client exposes credentials, but an update is available. I don't know, if blog readers are using FortiClient, but I'm publishing the information as public service announcement … Continue reading
Security update for iCloud for Windows
A serious vulnerability in Apple's HTML rendering engine WebKit also affects the iCloud client for Windows. Apple has now released a security update of the iCloud client to fix these vulnerabilities.
Microsoft Security Advisory (December 12, 2017)
[German]As part of the December patchday (12/12/2017), Microsoft has also issued a Microsoft Security Advisory Notification. It addresses the security settings for Active Directory Domain Services. And it's discusses the DDE vulnerability when opening Office documents.
Posted in Office, Security, Windows
Tagged Active Directory, DDE, Microsoft, Office, Security
Leave a comment
Critical vulnerabilities in Microsoft’s Malware Protection Engine (CVE-2017-11937 and CVE-2017-11940)
[German]Microsoft's Malware Protection Engine has a critical memory corruption vulnerability that allows remote code execution. Microsoft released a security advisory on December 6, 2017 and says corresponding security updates are available. Here are what I found out till now. [Update: … Continue reading
Posted in Security, Update, Windows
Tagged Defender, Microsoft Security Essentials, Vulnerability, Windows
2 Comments
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
TeamViewer: Vulnerability allows permission changes
[German]The TeamViewer software, commonly used to remotely control computers, has a security vulnerability. This allows attackers to hijack a session and attack the target computer. A patch is available.
Leak: oBike exposes user data to social media
[German]Chinese firm oBike offers bikes to rent in major cities around the world. A data leak provided personal data of customers (name, email, location data) freely accessible via social networks.
Hacker are misusing CVE-2017-11882 in Office EQNEDT32.EXE
[German]Microsoft Office is shipped with old equation editor EQNEDT32.EXE that contains a vulnerability. This vulnerability is used by hacker to distribute malware.
HP installs secretly HP Touchpoint Analytics Client telemetry client
[German]Here is an Information and Question addressing owners of HP Windows devices. It seems that Hewlett Packard silently installs a telemetry client on Windows computers. Here are a few details.
Security patches for Samba
[German]The free Samba software contains a 'use-after-free' vulnerability in all versions since Samba 4.0 (released in 2012). A 2nd 'heap memory information leak' vulnerability is present since Samba version 3.6.0. Bit Linux distros are offering patches.