[German]There is a vulnerability CVE-2024-24919 in Check Point Remote Access VPN, which has been used by attackers for attacks since the end of April 2024. These steal Active Directory data in order to gain access to the victim's network and to look around the network further. Check Point has already issued a warning on May 27, 2024 – I'll post it here in the blog.
[German]One more addendum: The EU and the Digital Service Act (DSA) are working. While Microsoft has been rolling out the half-finished Copilot with Windows 10/11 in many countries for months, Redmond has only been working with the brakes on in the EU. Now, with the release of the Release Preview version of Windows 11 24H2, it has become known that users in the European Union (EU) can only obtain Copilot as an app from the Microsoft Store. Meanwhile, Microsoft has also announced Windows 11 2024 IoT Enterprise LTSC and published hardware certification rules. Here is an overview of these Windows 11 topics.
[German]Microsoft has released the optional cumulative (preview) update KB5037853 for Windows 11 version 22H2 and 23H2 on May 29, 2024. The preview update brings a number of fixes for these Windows 11 versions. It is an optional update whose fixes will be generally rolled out in the following month. Continue reading
[German]Microsoft has released an optional cumulative (preview) update KB5037849 for Windows 10 22H2 on April 23 (D-Week). This is intended to fix numerous bugs in Windows 10 22H2 and brings minor new features (account-related notifications for Microsoft accounts). Below is an overview of these updates for Windows 10. Continue reading
[German]This smells like trouble for administrators in enterprise environments, where the Edge browser is usually used. A blog reader informed me that the Edge had updated to version 125.0.2535.67, although this is definitely not released in the WSUS.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]A quick note for administrators who manage Windows 11 clients in corporate environments. With the April 2024 preview update KB5036980, Microsoft caused a problem for administrators who wanted to switch from Windows 11 Pro to Windows 11 Enterprise using AutoPilot. Rudy Ooms has analyzed the issue and developed a fix. Microsoft is aware of the problem and wants to release a fix – at the moment it is unclear to me whether this has already happened with the May 2024 update.
[German]A short piece of information for readers who use the ZScaler client connector in their environment. Three vulnerabilities CVE-2023-41972, CVE-2023-41973, CVE-2023-41969 have been disclosed by a security researcher. Combined correctly, these can be misused to launch an interactionless local privilege escalation attack on the connection in question.
[German]In mid-May 2024, Microsoft released the out-of-band update KB5039705 for Windows Server 2019, which is intended to correct the installation error 0x800f0982 of the security update KB5037765 from May 2024 on systems with a non-English language pack. However, administrators in a Citrix environment run into the problem that update KB5039705 fails with installation error 0x8007371b. However, there is a solution that can be used to try and resolve the problem.
[German]It's time again for a little round-up article with some news from the world of Broadcom and VMware. VMware seems to be losing customers on a massive scale. I have received information that major customer Compushare is rehearsing the exit with 24,000 VMs from VMware to Nutanix. And then there is the CIO of Boyd Gaming, who is happy to have switched from VMware to Nutanix 18 months ago. The switch of the user portal from VMware to Broadcom was also turbulent for customers and caused problems with missing licenses.
[German]Weeks ago, there were serious cyberattacks on Change Healthcare, a payment service provider of the UnitedHealth Group, which paralyzed the supply of medicines in the USA due to payments no longer being made. In this context, I received a document with NCA insigts a few weeks ago, which raised the question of what lessons can be learned from the hacks in the healthcare sector. In my opinion, this also applies to IT in the German healthcare sector.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
