[German]A vulnerability (CVE-2023-5129) exists in the Libwebp WebP library with the maximum possible CVSS index of 10. A heap buffer overflow allows attackers to execute malicious code. Originally, the vulnerability was assigned to the Chrome browser. However, because it affects the Libwebp library, a number of software packages that use this library are affected. Updates have already been released for Chrome and Firefox.
As of September 28, 2023, Mozilla developers have released security updates of Firefox 118.0.1, 118.1.0 and 115.3.1. The updates closed a critical vulnerability (CVE-2023-5217: Heap buffer overflow in libvpx). An overview of the security fixes can be found here (thanks to the reader for the tip).
Trend Micro has released a new "Critical Patch" for its ApexOne product (thanks to the reader for pointing it out). The patch applies to Apex One Service Pack 1 (server and agent build 12512). The critical patch fixes several bugs at once, one of which prevents the Apex One server from receiving virus detection log data from managed security agents.
[German]Google has released updates to the Google Chrome browser 117 in the stable channel for Mac, Linux and Windows on September 27, 2023. It is a security update that should be rolled out and fix several vulnerabilities (some classified as "high"). One vulnerability (CVE-2023-5217) is being exploited in the wild. The browser's Android app has also received a security update.
[German]Microsoft has clearly lost track with the needs of its commercial users. The latest example is the backup app that Redmond flushed onto Windows 10 users' systems via a security update in September 2023. Not really usable and impossible to get off the system. Especially the administrators and users of LTSC versions of Windows 10 are frustrated because they have been spared from such bloatware so far.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Browser selection screens are likely to become standard again in the EU from 2024 thanks to the Digital Markets Act (DMA). In anticipation of the European Commission's Digital Markets Act (DMA), Mozilla has addressed the issue and warns against "dirty tricks" by operating system vendors with which they have had bad experiences in the past.
[German]The European Union (EU) is planning to surveillance of chats of EU citizens without any reason. There is widespread opposition from civil liberties movements and warning from experts. Though deliberations on chat control were recently removed from the agenda of the Committee of Permanent Representatives of the Member States, and the timetable for its introduction is wobbling. Now, an investigative research has revealed unpalatable details of who is behind the "NGO" child protection campaign "Pro Chat Control". Behind the Non Government Organization (NGO) is an influential network consisting of law enforcement officials from the US and UK, lobbying and PR agencies, and PR strategists. The NGO is funded with millions of euros of foreign money to enforce warrantless surveillance of citizens via chat control in the EU.
[German]As of September 26, 2023, Microsoft has started to distribute the "fall update" (internally called Moments 4 Update) for Windows 11 22H2. This is supposed to enable the feature upgrade to Windows 11 23H2 "later" – but is likely to lead to a rollout chaos. First, it is now not clear when certain features will be unlocked on individual Windows 11 systems. Secondly, the heavily advertised Copilot will not be released in Europe for the time being. The following is an outline of this topic.
[German]The developers of Thunderbird have released another update of the email client to version 115.3.0 on September 26, 2023 (thanks to Tom for the tip). It is an update which is supposed to fix numerous bugs, but does not contain any new features or security fixes.
Continue reading
[English]Microsoft has released the optional cumulative (preview) update KB5030301 for Windows 11 version 21H2 on September 26, 2023. The preview update brings a number of bug fixes for people who are still on version 21H2 (which, after all, drops out of support in October 2023). Below I give an overview regarding these updates for Windows 11.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
