[German]Nice topic: Microsoft is pushing its Copilot via Microsoft 365 to its customers. Any user shall do something in AI – whether it's needed is secondary. Of course, this increases the attack surface and administrators have to think about security. At BlackHat 2024, Michael Bargury demonstrated RCE attacks on M365 Copilot – an email is all it takes to search for sensitivities. Here is a brief summary of this topic.
[German]A small note to users of Windows 10 and Windows 11 who may rely on the Paint 3D program. Paint 3D, which was announced with great fanfare in 2016, will soon be buried without a sound. On November 4, 2024, Paint 3D will no longer be supported by Microsoft and will no longer receive updates. A logical step now that Microsoft no longer finds mixed reality sexy and has scrapped it.
[German]Small addendum to a topic that has already been known for a few days. On June 25, 2024, NVidia published the support article EOL Windows driver support for older CPUs without POPCNT instruction. There the end-of-life (EOL) for Windows driver support on older CPUs without support for the POPCNT instruction was announced.
[German]Question for administrators who distribute their updates for the Edge browser via the WSUS: Are there any inconsistencies at the moment (August 8, 2024). A user has left a comment at this time that points to a somewhat chaotic situation with the Edge updates. Here is a brief overview of what information I have.
[German]Another follow-up to the July 2024 patchday, in which Microsoft closed the vulnerability CVE-2024-38077 in the Windows Remote Desktop Licensing (RDL) service of Windows Server. This is a Remote Code Execution (RCE) vulnerability that has been rated with a CVSS 3.1 score of 9.8. Anyone who has not yet patched should do so immediately. A proof of concept (PoC) for this vulnerability has been published. Although this publication was taken offline again after a few hours, attacks can be expected soon.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]A security researcher from SafeBreach has taken a closer look at the Microsoft Windows update architecture. He discovered vulnerabilities in the operating system's update function (which are basically serious design flaws) that enable a downgrade attack. An attacker can thus roll back security updates that have already been installed and even prevent the installation of further updates, so that the supposedly patched vulnerabilities continue to exist. This manipulation is not recognizable and is not shown. Microsoft has been aware of this since February 2024, but has not yet provided any update to close the vulnerability – only some advisories has been published yesterday.
[German]Small addendum from Tuesday this week. On August 6, 2024 (first Tuesday of the month), Microsoft released non-security updates for Microsoft Office 2016. I'll summarize some information about these updates here in the blog.
[German]After the CrowdStrike Falcon software paralyzed 8.5 million Windows computers some time ago, the provider has now issued a second statement. According to the statement, 99% of the sensors are now back in operation. Otherwise, some of those affected are threatening to sue for damages. Delta Air Lines' approach has made it into the media. Now there is the first counterattack: Microsoft had offered Delta Air Lines free support, but this was rejected. Here is a summary of the relevant information.
[German]I'm posting a topic here in the blog that still has "a few days to go" but could have very unpleasant consequences. In the fall of 2026, a certificate in Windows will expire, which ensures that Secure Boot can be executed in the UEFI. At that time, the certificate was valid for 15 years, but all machines that are not updated will no longer be able to start in Secure Boot mode by the deadline.
[German]There are vulnerabilities in Windows SmartScreen and Smart App Control that are based on design errors. It has now become public that these vulnerabilities have been exploited by attackers since 2018. Security researchers at Elastic Security Labs have compiled and published an overview of the problems and design weaknesses of the security functions used in Windows.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
