[German]Approximately 3 months after the release of the feature update to version 23H2 for Windows 11, Microsoft is starting the final rollout phase. All Windows 11 machines that are compatible with version 23H2 will now be offered the corresponding feature update and will be forcibly updated to this version in the coming days.
[German]A little information for Windows 10/11 users who also use Adobe's Creative Cloud. It seems that some of these users have "recently" started to suffer from problems with Windows Explorer. It reacts extremely slowly when changing folders and file selection is hardly possible. The cause is the deactivation of Adobe synchronization with the cloud. As a result, an Adobe operating system extension for Windows no longer worked. There was a simple workaround for those affected, but Adobe has now also provided a fix.
[German]Virtualisation vendor VMware has just issued a security warning. It concerns the Enhanced Authentication Plug-in (EAP), which should be uninstalled as a matter of urgency. Critical vulnerabilities have been found in the Enhanced Authentication Plug-in (EAP). We do not know if EAP is still in use, as it has been retired as obsolete in 2021. In addition, EAP is not included in vCenter Server, ESXi or Cloud Foundation installations.
[German]Does anyone use Screenconnect from the provider ConnectWise? A critical vulnerability (CVSS 3.1 10.0) has been discovered in the remote desktop software, which should be closed immediately. An initial exploit for this vulnerability is already available. Here is a quick overview for administrators who are responsible for or manage the use of this software. I would say: The roof is on fire. Addendum: 2,866 vulnerable instances in the USA.
[German]New scandal surrounding Ivanti Endpoint Manager. In 2021, Ivanti closed a security vulnerability CVE-2021-44529 in the product known as "code injection". There were rumors that it was a backdoor in an open source project. A security researcher then took another closer look at the code and made some astonishing discoveries.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
On February 8, 2024, administrators using the Progress Kemp LoadMaster load balancer were advised to update its firmware. The information on the vulnerability CVE-2024-1212 in the Progress Kemp LoadMaster firmware was not released until February 21, 2024. I have updated this in the article Progress Kemp LoadMaster (load balancer) Firmware update.
[German]International law enforcement agencies (FBI, BKA etc.) have broken up a suspected Russian espionage network that was infecting routers from the manufacturer Ubiquiti. The spy network has been shut down last week. However, users of Ubiquiti routers should now reset their devices, assign their own password and also update them to the latest firmware version.
[German]Since February 13, 2024, a vulnerability CVE-2024-21410 has been known, through which attackers can access NTLM hashes via Microsoft Exchange Server and then misuse them for NTLM relay or pass-the-hash attacks. I have now read that more than 28,500 Exchange servers are vulnerable via CVE-2024-21410. Administrators must therefore take action and secure their IT infrastructure. In this context, I also came across an analysis by Frank Carius, who sees the vulnerability not in the Exchange Server but in the IIS. So there is potentially much more affected.
[German]On February 20, 2024, the Mozilla developers released the new Firefox 123 and the maintenance update of Firefox 115.8 ESR. Firefox 123 is a new development branch. Here is a brief overview of the updates in question, including the fixes and new features.
[German]Google has released updates to the Google Chrome browser (branch 122) in the stable channel on February 20, 2024. The Extended Stable Channel has also received an update. The Android and iOS app of the Chrome browser have also been updated. Some of the updates contain security fixes. Here is an overview of these updates. Thanks to the reader for pointing this out. Continue reading
MVP:
2013 – 2016
WIMVP:
2017 – 2020
