[German]Warning to users of the WinRAR archive program. Various state threat actors from Russia and China are trying to exploit a vulnerability in the WinRAR archiving tool for Windows. Attackers can execute arbitrary code when unpacking archives via the CVE-2023-38831 vulnerability. Affected by the vulnerability are WinRAR versions prior to 6.23 – currently WinRAR 6.24 is available.
[German]Europol and other law enforcement authorities like German BKA, the FBI and other international police agencies have seized the RagnarLocker ransomware gang's website, which was used to negotiate ransom payments with victims. It is hoped that this will cut off the ransomware group from its funding opportunity. Currently, there are no official announcements yet – they are expected to be released later today.
[German]Hope dies last, but now it's finally dead. Microsoft has just clarified in a blog post that the new Outlook app, which will eventually replace the classic Outlook, will not support COM. I touched on this topic here on the blog just a short while ago. Here's a quick update on what's going on.
[German]The developers of Thunderbird have released another update of the email client to version 115.3.3 on October 18, 2023 (thanks to reader for the tip). It is an update which is supposed to fix some bugs, but does not contain any new features and security fixes.
Continue reading
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
There are several vulnerabilities (buffer overflows) in firewalls running SonicOS that have received a CVSS index of up to 7.7. Sonicwall has therefore released software updates for SonicOS that close new vulnerabilities (CVE-2023-39276, CVE-2023-39277, CVE-2023-39278, CVE-2023-39279, CVE-2023-39280, CVE-2023-41711 and CVE-2023-41712). Details can be found in the SonicWall security advisory dated October 17, 2023. (via)
[German]Microsoft is using security update KB5031364 from October 10, 2023, once again to ship bloatware to Windows Server 2022 and causing frustration on the administrators side, struggling with an unwanted feature. People were quite surprised when an icon for Azure Arc Setup appeared in the taskbar after the update installation. Those who will be managing Azure instances from Windows Server 2022 should perhaps welcome this optional feature. But those who don't use Azure will be annoyed by the new bloatware from Redmond on Windows Server 2022. In the meantime, therefore, there is anger and frustration among server administrators about this latest detour from Redmond.
[German]Things are moving – just when the European Union stipulates USB-C for mobile devices, the manufacturer Apple, which has so far relied on its own interfaces, announces a pencil with USB-C port for its iPad models; price is 79 US dollars.
[German]Since a few days it is somehow clear that no more product keys from Windows 7 and Windows 8.1 can be used to reactivate Windows 10 and Windows 11. Microsoft has now confirmed this. In addition, I came across a case where there were problems using Office KMS keys for activation.
[German]Exchange Online administrators may have received a number of copies of their users' outgoing emails classified as spam in the last few hours. The cause was a spam rule causing false-positive spam notifications. Microsoft has confirmed the whole thing as Incident EX682041 and initiated countermeasures (disabling the rule). The problem should be solved with this.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
[