iLeakage: Unpatched Safari vulnerability – iOS 17.1 & macOS 14.1 released

Posted on 2023-10-27 by guenni

[German]Apple has already released iOS 17.1 (also iPadOS) and macOS 14.1 on October 25, 2023. iOS 17.1 probably fixes an Exchange synchronization bug (described here in the blog), as a reader reports. In addition, a bug that reveals the MAC address to iPhones is eliminated. Furthermore, a vulnerability called iLeakage became public the other day. The Safari browser reveals sensitive information such as passwords under iOS and macOS. This vulnerability has not been patched yet.

Continue reading

Posted in ios, macOS, Security | Tagged , , , , | 2 Comments

Windows 10 22H2 Preview Update KB5031445 (October 26, 2023)

Posted on 2023-10-27 by guenni

Windows[German]Microsoft has released an optional cumulative (preview) update KB5031445 for Windows 10 22H2 on October 26 (D-Week). This is supposed to fix numerous bugs in Windows 10 22H2. Below I provide an overview regarding these updates for Windows 10. Continue reading

Posted in Update, Windows | Tagged , | Leave a comment

Windows 11 22H2: Preview Update KB5031455 (October 26, 2023)

Posted on 2023-10-27 by guenni

Windows[German]Microsoft has released the optional cumulative (preview) update KB5031455for Windows 11 version 22H2 on October 26, 2023. This brings a number of fixes (similar to the preview update for Windows 11 21H2). Below I give an overview regarding these (Moments 4) updates for Windows 11. According to user reports, the update seems to correct the problem of the shadow font that cannot be switched off.

Continue reading

Posted in Update, Windows | Tagged , | Leave a comment

Vulnerability CVE-2023-5363 in OpenSSL

Posted on 2023-10-27 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]A vulnerability CVE-2023-5363 was found in the OpenSSL software. The initialization of the encryption key length and the initialization vector in OpenSLL is incorrect. However, a fix is already available for the Linux distributions Debian and Ubuntu.

Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Piriform CCleaner victim of MOVEit transfer vulnerability

Posted on 2023-10-27 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]The vulnerability in Progress Software's Managed File Transfer (MFT) solution MOVEit, which was disclosed in May 2023, has also affected CCleaner customers of the vendor Priform (bought by AVAST and owned by Gen Digital). Piriform has just admitted to a data leak due to the MOVEit vulnerability.

Continue reading

Posted in Security, Software | Tagged | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Citrix Bleed: Vulnerability CVE-2023-4966 leaks session tokens in NetScaler ADC and Gateway, PoC available

Posted on 2023-10-26 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]I would guess that Citrix users on unpatched instances are "under fire" once again, because more information is now available on the recently disclosed vulnerability CVE-2023-4966. Under the term "Citrix Bleed", security researchers have described how Citrix NetScaler ADC and Gateway leaked session tokens to attackers and presented a proof of concept (PoC). Citrix had published vulnerability advisories in early October 2023.

Continue reading

Posted in devices, Security | Tagged , | Leave a comment

0patch Micropatches for Microsoft Office security feature bypass (CVE-2023-33150)

Posted on 2023-10-26 by guenni

[German]ACROS Security released a micropatch on Oct. 24, 2203, to address a Microsoft Office Security Feature Bypass (CVE-2023-33150) vulnerability in Office versions 2010 and 2013, which are no longer in support.

Continue reading

Posted in Office, Security | Tagged , | Leave a comment

Edge 118.0.2088.69 (Oct. 24, 2023)

Posted on 2023-10-26 by guenni

Edge[German]Microsoft has updated the Edge browser in the stable channel to version 118.0.2088.69 on October 24, 2023 (thanks to the reader for pointing this out). The release notes say "fixed various bugs and performance issues". However, it is a feature update to the browser at the same time.

Continue reading

Posted in browser | Tagged | Leave a comment

Exchange Online: Missing confirmations for rooms bookings

Posted on 2023-10-26 by guenni

[German]Currently users are facing many issues with Exchange Online. German blog reader Georg emailed me yesterday (October 25, 2023) about an annoying bug in Exchange Online: They don't get any confirmations / rejections sent for rooms bookings in Exchange Online since a week.  Continue reading

Posted in Cloud, issue | Tagged , , | Leave a comment

Google Chrome 118.0.5993.117/.118

Posted on 2023-10-25 by guenni

Chrome[German]Google has released updates to Google Chrome Browser 118 in the Stable and Extended channels for Mac, Linux, and Windows as of October 24, 2023. The Chrome browser's Android app has also been updated. The updates include a security fix,. Here is an overview of these updates. And there is a reference to Google`s planned IP protection feature, that has been just announced.
Continue reading

Posted in browser, Security, Update | Tagged | Leave a comment