Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Software
Vulnerabilities (CVE-2023-40481, CVE-2023-31102) in 7-ZIP; fixed in version 23.00 (August 2023)
[German]A short update from the end of August 2023. Security researchers have found two vulnerabilities in the 7-Zip program, which is used to pack and unpack ZIP archive files. The vulnerabilities CVE-2023-40481 and CVE-2023-31102 are classified as high-risk from a … Continue reading
MalDoc: Malicious Word files in PDF documents bypass malware detection
[German]Another small addendum from this week: The Japanese CERT warns of a new technique used by cyber attackers who take malicious Word files and embed them in PDF documents. This "packaging" is intended to bypass the detection of the malicious … Continue reading
Deprecated Windows features: WordPad to disappear from Windows after 28 years
[German]On September 1, 2023, Microsoft once again announced which functions they want to part with in future Windows versions. In the new list, some functions are marked as 'deprecated'. So the security protocols for connections, TLS 1.0 and 1.1, are … Continue reading
Vulnerabilities in Notepad ++ (Sept. 2023)
[German]Several vulnerabilities (CVE-2023-40031, CVE-2023-40036, CVE-2023-40164, CVE-2023-40166) are believed to exist in the popular Notepad ++ editor and have been reported to the developer by a security researcher. The vulnerability ratings range from medium to high. Although this report was made … Continue reading
Exchange 2016/2019 get HSTS support; Extended Protection will also be enabled soon
[German]With CU14, Microsoft pans to enable the Windows Server Extended Protection feature by default for Exchange Server 2019 for improved protection. However, it will be possible to deactivate this feature when installing the CU14 if required. Redmond has announced this … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
PowerToys 0.73.0 released
[German]Microsoft has released version 0.73.0 of its free PowerToys for Windows 10 and Windows 11 on August 31, 2023. In this version, the developer says it has focused on new features, stability and improvements. Here is an overview of the … Continue reading
Thunderbird 115.2.0/102.15.0
The Thunderbird developers have released another update of the email client to version 115.2.0 on August 29/30, 2023. It is an update, which should eliminate errors. Furthermore, Thunderbird 102.15.0 has been released as the last version in this branch.
Unfixed Skype bug allows attackers to query victims' IP address (August 2023)
[German]A security researcher has come across a way to determine the IP address of a Skype user without the target person even having to click on a link (IP address spoofing). This could be used to spy on people (e.g. … Continue reading
WordPress 6.3.1 released
The developers have released WordPress 6.3.1 as of August 29, 2023. It is a maintenance update that fixes 10 bugs (four in WordPress Core and 6 in Block Editor) according to the release notes.
WinRAR vulnerability CVE-2023-40477: Also third-party software affected?
In my blog post WinRAR Code Execution Vulnerability CVE-2023-40477 I had mentioned a vulnerability in WinRAR, which has been fixed with the update to WinRAR version 6.23. Andreas Marx from AV-Test recently pointed out that basically all software that uses … Continue reading