[German]Owners of QNAP NAS drives are at risk from the critical vulnerability CVE-2024-21899. This allows access to devices without requiring authentication via username and password. The manufacturer has released security updates to its vulnerable operating systems to close the vulnerability.
[German]A short addendum from last week. I recently reported on updates to VMware products. VMware has now classified certain vulnerabilities in its virtualization products as critical in a security advisory. It should therefore be patched quickly, if not already done. Addendum: I have just seen that around 1,800 VMware ESXi installations in Germany are potentially affected.
[German]Microsoft has presented last week a road map for the provision of the new Outlook app for commercial users. As soon as the new Outlook app is generally available, business users can opt out to remain with classic Outlook. This document also states that classic Outlook client for Windows will remain available for Windows until at least 2029.
[German]Microsoft has a problem with its Exchange Online instances that can easily sideline its customers. The sender domains for emails are classified as spam and rejected. This means that companies can no longer send mail. After I discussed this several times here in the blog, a blog reader sent me confirmation from Microsoft.
[German]Follow-up to this week's Facebook disruption, where users were forcibly logged out and could only log back in after a few hours. A reader has contacted me and reported that he was able to log in to Facebook under a friend's profile. And later I received several confirmations from other users.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Microsoft has now had to confirm that Russian cyber spies from the Midnight Blizzard group not only had access to the email accounts of Microsoft management in January 2024. The attackers were also able to gain access to internal systems and access product source codes. Microsoft has indications that further accesses were made following the January 2024 hack, during which source code was also accessed.
[German]Microsoft has released another update of the Edge (Chromium) browser to version 122.0.2365.80 in the stable channel on March 7, 2024. It is a maintenance update that fixes bugs (Fixed a browser crash which occurred when the BrowsingDataLifetime policy was enabled). Vulnerabilities have also been closed (see).
[German]Quick question for the readership: Has anyone experienced problems after installing the February 2024 updates KB5034767 (Cumulative Security Update) and KB5034862 (Servicing Stack Update) for Windows Server 2016? I have received a reader message that there are problems with Azure AD.
[German]I came across information in various places today that Microsoft is (secretly) installing an update KB5001716 on Windows 10. It is a "preparatory update" so that the systems can switch to Windows 11. However, some users are receiving the installation error 0x80070643 in the installation history. Here is a brief overview of the situation.
Google has released an update of the Google Chrome browser (to version 122.0.6261.111/.112) in the stable channel on March 5, 2024. The update fixes four vulnerabilities. The announcement with details can be found on the Google blog.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
