[German]Google has released updates to Google Chrome Browser 119 in the Stable Channel for Mac, Linux and Windows on November 14, 2023. The Extended Stable Channel also received version 118.0.5993.144 and the Android app of the Chrome browser was updated on November 8. Here is an overview of these updates.
Continue reading
[German]Various security updates for Windows Server 2008 R2 (in the 4th ESU year) and for Windows Server 2012/R2 (1st ESU year) were released on November 14, 2023 (the updates can also be installed under Windows 7 SP1). Here is an overview of these updates for Windows Server 2008 R2 and Windows Server 2012/R2 as well as Windows 7 SP1. Continue reading
[German]On November 14, 2023 (second Tuesday of the month, patch day at Microsoft), Microsoft also released cumulative updates for Windows 11 23H2 to 21H2. Windows Server 2022 also received an update. Here are some details about these updates, which are intended to fix vulnerabilities and problems. Continue reading
[German]On November 14 (second Tuesday of the month, Patchday at Microsoft), various cumulative updates were released for the supported Windows 10 builds (from the RTM version to the current version) as well as for the Windows Server counterparts. Here are some details on the respective security updates for Windows 10.
Continue reading
[German]Microsoft has released security updates for Exchange Server 2016 and Exchange Server 2019 on November 14, 2023. These security updates close vulnerabilities in this software. The updates should be installed on the systems promptly to close the vulnerabilities in question. Continue reading
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]On November 14, 2023, Microsoft released security updates for Windows clients and servers, for Office – and for other products. The security updates eliminate 57 vulnerabilities (CVEs), three of which are 0-day vulnerabilities that are already being exploited. Below is a compact overview of these updates that were released on Patchday.
Continue reading
[German]There is a vulnerability in the cURL library and tool in older versions, which was closed by the project on October 11, 2023 with version 8.4.0. Microsoft delivers cURL with Windows, but has not yet updated this version. My understanding is that Windows still contains the outdated cURL version after the October 2023 updates. I have now received information that Microsoft intends to deliver cURL 8.4.0 with the Windows updates on November 14, 2023.
[German]Catching up from last week – the NAS manufacturer QNAP has published a security warning for its QTS operating system for NAS stations. The critical vulnerability CVE-2023-23368 (CVSS Index 9.8) allows remote execution of commands in older QTS versions. Another vulnerability CVE-2023-23369 (CVSS Index 9.0) also allows remote attacks. Updates are available to close the vulnerability. Here is an overview of this issue.
[German]Since Elon Musk took over Twitter and renamed it X, the social network BlueSky, created by Twitter co-founder Jack Dorsey, has experienced a boom. Access is currently only possible via invite code – i.e. recommendations from people who are represented on BlueSky. I have now come across a warning that there are mails on the way that pretend to be an invitation to BlueSky, but are ultimately intended to be used to spread malware (Trojans) or for phishing. If you need a BlueSky Invite, you can get it here on borncity.com for free and without risk. I currently have free codes available again.
[German]Interesting story: I have noticed a post on BlueSky that mentions a special goody for cybersecurity victims. After an attack, when a victim received the decryptor and the key to decrypt his files, he asked if he could have a "security report" that would reveal how the IT network had been penetrated. And the victim did indeed receive some clues.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
