[German]There is a vulnerability in Windows that allows attackers to infect a system and search a network. Security researchers from Elastic uncovered this new infection technique in mid-June 2024 and dubbed it GrimResource. I was aware of this at the time, but have only just got around to writing about it here in the blog (due to my vacation).
[German]Microsoft is planning to end support for Windows 10 in October 2025. After that, there will only be updates for paying customers of the ESU program. However, ACROS Security will use its 0patch agent to ensure that vulnerabilities in Windows 10 are patched for a further five years after its end of life in order to close security gaps. This is what Mitja Kolsek from ACROS Security told me this week – and I'm posting the information on the blog.
[German]Microsoft's e-mail system (Exchange Online, Outlook.com) was compromised by hackers from the state group Midnight Blizzard Hackers. The hackers were able to read emails and also steal source code. Microsoft has now informed various customers that their e-mails could also be read if the customers corresponded with certain Microsoft accounts. Here is the continuation of the never-ending story about Microsoft, its cloud and security.
[German]Microsoft has suspended the distribution of the optional cumulative (preview) update 5039302 for Windows 11 version 22H2 and 23H2 released on June 25, 2024. The update leads to a boot loop on machines, as readers noted shortly after publication.
[German]The remote software vendor TeamViewer has fallen victim to a successful cyber attack. Unknown perpetrators (some says APT29) were able to infiltrate the internal IT environment and gain access to the network. However, the provider states that its product environment was not affected. There are also no signs that customer data has been compromised, TeamViewer writes.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]An administrator contacted me because he ran into a serious issue in the new Teams 2.0 client. It is simply no longer possible to create new teams. The error message is not very informative, and individual forum entries are not very helpful (apart from the confirmation that the error also occurs there). The question is whether more administrators from the blog readership are affected, whether there is information on the cause and whether a solution is possibly known.
[German]Small note for administrators of a NetScaler ADC. There is a bug in various NetScaler firmware versions that prevents a PFX certificate from being imported and installed. The bug has now been confirmed – anyone who runs into this problem must use a workaround and split the certificate. Here is some information on the issue that I have come across in the last few days.
[German]Microsoft has released the optional, cumulative (preview) update 5039302 for Windows 11 version 22H2 and 23H2 on June 25, 2024. This is an optional update whose fixes will be generally rolled out in the following month. Continue reading
[German]Microsoft has released an optional cumulative (preview) update KB5039299 for Windows 10 22H2 on June 25, 2024 (D-Week). This is intended to fix numerous bugs in Windows 10 22H2. Below is an overview of these updates for Windows 10.
Continue reading
[German]The vulnerability CVE-2024-5806 was recently discovered in the Progress MOVEit Transfer software. Attacks on the CVE-2024-5806 vulnerability were observed shortly after this information was published. This brings back bad memories of a MOVEit Transfer vulnerability through which hundreds of companies were hacked by a gang of cyber criminals.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
