Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
The problem with C++ Redists & 3rd Party security patches – I
[German]Blog reader Karl (al Qamar) informed me a while ago about a problem with securiy updates for the Visual C++ runtime libraries (Redistributables). Here are his findings about the issues.
Windows 10 Hello bypassed by printout
[German]Microsoft's Windows Hello authentication technology for Windows 10 isn't foolproof. Two German security researcher has been able to successful bypass Windows Hello with a printout of an image.
Vulnerability in Palo Alto Networks Firewalls
[German]Here's a security information for administrators using Palo Alto Networks firewalls with PAN-OS . In PAN-OS there are several critical bugs, which enables attackers to gain remote root access to the firewalls.
Vulnerability: Fortinet’s FortiClient leaks VPN client credentials
[German]The NextGeneration Endpoint Protection solution from Fortinet, FortiClient, contains also a VPN client. This client exposes credentials, but an update is available. I don't know, if blog readers are using FortiClient, but I'm publishing the information as public service announcement … Continue reading
Security update for iCloud for Windows
A serious vulnerability in Apple's HTML rendering engine WebKit also affects the iCloud client for Windows. Apple has now released a security update of the iCloud client to fix these vulnerabilities.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Microsoft Security Advisory (December 12, 2017)
[German]As part of the December patchday (12/12/2017), Microsoft has also issued a Microsoft Security Advisory Notification. It addresses the security settings for Active Directory Domain Services. And it's discusses the DDE vulnerability when opening Office documents.
Posted in Office, Security, Windows
Tagged Active Directory, DDE, Microsoft, Office, Security
Leave a comment
Critical vulnerabilities in Microsoft’s Malware Protection Engine (CVE-2017-11937 and CVE-2017-11940)
[German]Microsoft's Malware Protection Engine has a critical memory corruption vulnerability that allows remote code execution. Microsoft released a security advisory on December 6, 2017 and says corresponding security updates are available. Here are what I found out till now. [Update: … Continue reading
Posted in Security, Update, Windows
Tagged Defender, Microsoft Security Essentials, Vulnerability, Windows
2 Comments
TeamViewer: Vulnerability allows permission changes
[German]The TeamViewer software, commonly used to remotely control computers, has a security vulnerability. This allows attackers to hijack a session and attack the target computer. A patch is available.
Leak: oBike exposes user data to social media
[German]Chinese firm oBike offers bikes to rent in major cities around the world. A data leak provided personal data of customers (name, email, location data) freely accessible via social networks.