An open API at Deutsche Telekom is leaking user data

Posted on 2024-07-15 by guenni

Stop - Pixabay[English]German security expert Lilith Wittmann discovered an unprotected API from Deutsche Telekom, that can be used, to retrieve details about landline connections via their internet access. She set up a website that can be used to retrieve data from Telekom's landline network connections. The IP address is sufficient, and the data obtained can be used to permanently track Telekom subscribers on the Internet. This could be a veritable data breach at Deutsche Telekom – and it could be GDPR-relevant. Here's a quick rundown of what's going on.
Continue reading

Posted in Security | Tagged | 1 Comment

July 2024 security update KB5040427 crashes Windows 10/Server LPD printing service

Posted on 2024-07-15 by guenni

Windows[German]With the security updates of July 9, 2024, Microsoft has patched some bugs and vulnerabilities in the relevant Windows versions. However, I have received reports from readers that the July 2024 updates are causing problems with the print service. Users report that the LPD service crashes after the first printout. Printing is then no longer possible – another problem with the July 2024 patchday.

Continue reading

Posted in issue, Update, Windows | Tagged , , , , | 1 Comment

Outlook Web Access (OWA): Emails duplicated after moving to folder

Posted on 2024-07-14 by guenni

Mail[German]A small note for administrators whose users are using OutlookWeb Access (OWA) and are now complaining that emails that have been moved to other folders are suddenly appearing there several times. A reader has informed me that Microsoft is aware of the problem and is working on a fix. The fix has been rolled out.

Continue reading

Posted in Cloud, issue, Software | Tagged , | Leave a comment

Cloud expansion jeopardized by lack of security know-how?

Posted on 2024-07-14 by guenni

[German]An exciting story: everything is (at least it feels like it is) moving into the cloud. But the German companies that are already in the cloud are facing serious security problems. Security provider Tenable has taken a closer look and published its 2024 Cloud Security Outlook. In short: most IT managers are planning to expand their company's cloud environments next year. However, there is a lack of feasibility, as those responsible have identified a lack of expertise as an obstacle to cloud migration.

Continue reading

Posted in Cloud, Security | Tagged , | Leave a comment

User identification via Chromium browser (Chrome, Edge, Brave)?

Posted on 2024-07-13 by guenni

[German]Luca Casonato already pointed out an issue in connection with Chromium browsers on July 9, 2024. In the browser, all Google websites are granted full access to system data such as CPU usage, GPU utilization, memory usage and processor information via a hidden extension. Allows Google sites to provide detailed information about the system, which enables fingerprinting. Furthermore, this information can also benefit Google during debugging. This would be a violation of the Digital Markets Act (DMA). I'll extract the relevant information in a blog post. Continue reading

Posted in browser, Security | Tagged , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Outlook to Exchange auto-discovery and the duplicate .com.com domain

Posted on 2024-07-13 by guenni

Mail[German]I'm posting a curious reader observation here in the blog. It's about the auto-discovery of e-mail recipients in Outlook via the auto-discovery service in Microsoft Exchange. One reader noticed a crude problem in this context. Someone seems to have registered a subdomain that ends with .de.de and has been configured for autodiscover requests. The question arises as to why this approach was chosen – and whether a reader has a logical explanation. It certainly smells like cyber fraud to me.

Continue reading

Posted in Security, Software | Tagged , , | Leave a comment

Windows: Runtime-Error "This action is only valid for products that are currently installed"

Posted on 2024-07-13 by guenni

Windows[German]A blog reader contacted me by e-mail a few days ago because he was facing a problem. Various programs cannot be installed on his Windows (in this case the phonostar client and UnigetUI). The installation is aborted with a runtime error and the message that the installation is only valid for products that are installed. I'll take up the problem here in the blog, maybe one or the other reader is affected. Continue reading

Posted in issue, Software, Windows | Tagged , , | Leave a comment

Windows 10/11 updates (e.g. KB5040442) triggers Bitlocker queries (July 2024)

Posted on 2024-07-12 by guenni

Windows[German]The security updates rolled out on the July 2024 patchday (e.g. KB5040442 for Windows 11, but also for the Windows 10 counterpart), there are issues on systems on which Bitlocker is activated. I got reports from several German blog readers, reporting that the systems suddenly ask for a Bitlocker key (the recovery key).

Continue reading

Posted in issue, Update, Windows | Tagged , , , , | 1 Comment

Windows July 2024 updates break remote connections

Posted on 2024-07-12 by guenni

Windows[German]There are isolated reports of issues in Windows caused by the July 2024 patchday security updates. Under Windows Server 2012 R2, there is a report that the Remote Desktop Virtualization Host Agent service under Hyper-V is broken (albeit due to the June 2024 update). And under Windows Server 2022, the Remote Desktop Gateway service is broken on some systems and crashes regularly. Remote connections are then no longer possible.

Continue reading

Posted in issue, Update, Windows | Tagged , , , | 12 Comments

Outlook 365 reports conflict error when updating or canceling meetings

Posted on 2024-07-12 by guenni

[German]Since the beginning of June 2024, Microsoft and Outlook users have been struggling with a nasty bug that makes managing meetings a pain. Whenever a user wants to update or cancel a meeting, they are met with a conflict error. Following a tip from a reader, I would like to take this up briefly in the blog.

Continue reading

Posted in issue, Office | Tagged , | Leave a comment