The developers of LibreOffice have released updates to versions 7.6.2 and 7.5.7. These security updates were required to close the CVE 2023-4863 vulnerability in libwebp (see also my post WebP vulnerability (CVE-2023-5129) affects multiple software packages such as web browser). The Document Foundation has published this blog post about the security update. (via)
[German]Microsoft has now technically ended the upgrade option from Windows 7 SP1 and Windows 8.1 for Windows 10 and Windows 11. This means that the previously still possible activation with a corresponding product key of Windows 7 or Windows 8.1 is no longer possible in the future. Microsoft has now officially announced this and at the same time also adapted or ended the activation via HWID (hardware ID) via corresponding servers.
[German]Quite an unpleasant surprise that Microsoft has flushed onto the systems of its users of Windows 11 22H2 (and probably soon Windows 11 23H2) with the preview update KB5030310. Those using a plain desktop will now be forcibly greeted with a shadow font under the desktop icon texts. It's well known that "Microsoft knows what's good for its user base", but the result just looks like shit and here on the blog two reader comments have already hit complaining about this "innovation of Microsoft".
[German]Microsoft is working on Windows 11 23H2, in which the Explorer provides some new features. But the old Explorer in Windows 11 still seems to be buggy. A German blog reader reported a bug in Windows Explorer back on September 11, 2023. The problem is that the Explorer window focus suddenly steal the focus the while working in Windows 11.
[German]A vulnerability (CVE-2023-5129) exists in the Libwebp WebP library with the maximum possible CVSS index of 10. A heap buffer overflow allows attackers to execute malicious code. Originally, the vulnerability was assigned to the Chrome browser. However, because it affects the Libwebp library, a number of software packages that use this library are affected. Updates have already been released for Chrome and Firefox.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
As of September 28, 2023, Mozilla developers have released security updates of Firefox 118.0.1, 118.1.0 and 115.3.1. The updates closed a critical vulnerability (CVE-2023-5217: Heap buffer overflow in libvpx). An overview of the security fixes can be found here (thanks to the reader for the tip).
Trend Micro has released a new "Critical Patch" for its ApexOne product (thanks to the reader for pointing it out). The patch applies to Apex One Service Pack 1 (server and agent build 12512). The critical patch fixes several bugs at once, one of which prevents the Apex One server from receiving virus detection log data from managed security agents.
[German]Google has released updates to the Google Chrome browser 117 in the stable channel for Mac, Linux and Windows on September 27, 2023. It is a security update that should be rolled out and fix several vulnerabilities (some classified as "high"). One vulnerability (CVE-2023-5217) is being exploited in the wild. The browser's Android app has also received a security update.
[German]Microsoft has clearly lost track with the needs of its commercial users. The latest example is the backup app that Redmond flushed onto Windows 10 users' systems via a security update in September 2023. Not really usable and impossible to get off the system. Especially the administrators and users of LTSC versions of Windows 10 are frustrated because they have been spared from such bloatware so far.
[German]Browser selection screens are likely to become standard again in the EU from 2024 thanks to the Digital Markets Act (DMA). In anticipation of the European Commission's Digital Markets Act (DMA), Mozilla has addressed the issue and warns against "dirty tricks" by operating system vendors with which they have had bad experiences in the past.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
