Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Google Chrome 116.0.5845.179/.180 security update
[German]Google has released updates to the Google Chrome browser 116 in the stable and extended channels for Mac, Linux and Windows as of September 5, 2023. These are security updates that are rolled out and are intended to eliminate vulnerabilities … Continue reading
Security update to FRITZ!OS 7.57 (7.31) closes serious vulnerability
[German]The Berlin-based German manufacturer of routers, AVM, has released its FRITZ.OS version 7.57 for eligible FRITZ!Box models on September 4, 2023. AVM only writes that this firmware update is a necessary stability and security update. It is therefore unclear which … Continue reading
Windows Defender Application Control (WDAC) becomes Application Control for Business
Small note to administrators in the Windows environment. As far as I know, it hasn't been officially announced yet, but Microsoft is working on renaming its Windows Defender Application Control (WDAC). If not everything is wrong, the function will soon … Continue reading
Windows: Microsoft reminds of coming TLS 1.0/1.1 deactivation
[German]It's a topic that has been addressed several times here on the blog: The days of using the TLS 1.0 and TLS 1.1 protocols to communicate with servers are coming to an end. The protocols are no longer considered secure … Continue reading
Vulnerabilities (CVE-2023-40481, CVE-2023-31102) in 7-ZIP; fixed in version 23.00 (August 2023)
[German]A short update from the end of August 2023. Security researchers have found two vulnerabilities in the 7-Zip program, which is used to pack and unpack ZIP archive files. The vulnerabilities CVE-2023-40481 and CVE-2023-31102 are classified as high-risk from a … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Decryptor for Key Group Ransomware Available
Security researchers at ElectricIQ have discovered a vulnerability in the routines of the Key Group ransomware that allowed decryption tools to recover encrypted files. The decryption tool only works on a specific version of the ransomware developed around Aug. 3, … Continue reading
MalDoc: Malicious Word files in PDF documents bypass malware detection
[German]Another small addendum from this week: The Japanese CERT warns of a new technique used by cyber attackers who take malicious Word files and embed them in PDF documents. This "packaging" is intended to bypass the detection of the malicious … Continue reading
Vulnerabilities in Notepad ++ (Sept. 2023)
[German]Several vulnerabilities (CVE-2023-40031, CVE-2023-40036, CVE-2023-40164, CVE-2023-40166) are believed to exist in the popular Notepad ++ editor and have been reported to the developer by a security researcher. The vulnerability ratings range from medium to high. Although this report was made … Continue reading
Exchange 2016/2019 get HSTS support; Extended Protection will also be enabled soon
[German]With CU14, Microsoft pans to enable the Windows Server Extended Protection feature by default for Exchange Server 2019 for improved protection. However, it will be possible to deactivate this feature when installing the CU14 if required. Redmond has announced this … Continue reading
Edge 116.0.1938.69
[German]Microsoft has updated the Edge browser to versions 116.0.1938.69 as of August 31, 2023. The security release notes for Edge 116.0.1938.69 state that the update includes the latest Chromium browser security fixes (CVE-2023-4572) in addition to bug fixes and stability … Continue reading