Edge 116: Mysterious files bgaupdate.exe and bgaupsell.exe

I received reports from users that the Microsoft Edge browser has been installing the mysterious files bgaupdate.exe and bgaupsell.exe for quite some time. While these were not functional until now, something seems to have changed with Edge 116. Bloatware and malware are mentioned in hints from readers. I'll try to gather the information I have on this.

Posted in General

Palo Alto: Ivanti Endpoint Manager Mobile Vulnerabilities Readback (August 2023)

Vendor Ivanti has had to warn about critical vulnerabilities in its Endpoint Manager Mobile (EPMM) several times in recent weeks and issue security updates. The starting point for this flood of security reports was that Norway's government was hacked via an Ivanti zero-day. For several weeks now, companies around the world – a great many of them also in Germany, Austria and Switzerland – have been reporting cyberattacks that exploit various vulnerabilities in Ivanti Endpoint Manager Mobile. Palo Alto Networks, or rather its Unit 42, has now published a summary of the status.

Posted in Security, Software

Outlook: Body of accepted meetings is write only now; by design after Office August 2023 update

Short information for administrators of Office installations with Microsoft Outlook. I received reports that since the August 2023 updates for Microsoft Outlook were installed, the so-called body text of appointments can only be changed by the organizer of the appointment. This is by design, and documented by Microsoft.

Posted in issue, Office, Software

Edge 116.0.1938.62 released, issues with ignored policies for users logged in to user account fixed?

Microsoft has updated the Edge browser to version 116.0.1938.62 as of August 25, 2023. It is a maintenance update that probably fixes an issue with ignored group policies when logging in to the user account and also fixes vulnerabilities.

Posted in browser, issue, Update, Windows

Windows Defender Credential Guard: Root cause of Windows 11 22H2 RDP issues?

For weeks, administrators have been complaining about problems with remote desktop connections that can occur on Windows 11 22H2. Microsoft announced in July 2023 that they are investigating the problem, and there is probably a workaround. Coincidentally, however, a blog reader has come forward who found the culprit for the RDP problems in his case. Windows Defender Credential Guard seems to be causing conflicts with RDP.

Posted in Security, Windows


Duolingo: Leak with 2.6 million user records, check for 'Have I been Pwned' possible

Vulnerabilities in the API of the language learning app/platform Duolingo allow user data to be scraped. Now Troy Hunt has integrated a data set with information on 2.6 million Duolingo users into his platform 'Have I been Pwned'. And if I've noticed correctly, the vulnerabilities in the Duolingo API still haven't been fixed.

Posted in Security

Windows 10/11: UNSUPPORTED_PROCESSOR error caused by preview updates (August 22, 2023)

The old recommendation not to install a month's preview updates immediately has proven itself again in August 2023. The optional preview updates released on August 22, 2023 are supposed to fix numerous bugs and provide new group policies in Windows 11 for the update installation. But Microsoft had to admit that the updates cause an UNSUPPORTED_PROCESSOR blue screen on some machines. The updates were therefore withdrawn for some machines.

Posted in issue, Update, Windows

FYI: Citrix ShareFile worldwide down (Aug. 24, 2023)

Brief information for administrators who are responsible for Citrix ShareFile. David M. just emailed me about a worldwide outage (thanks for that). He noted that this afternoon (8/24/2023) the connection to Citrix ShareFile became slower and slower. Then the connection became more unreliable until finally the communication completely broke down, he writes. Since about 09:33 EDT there is also a corresponding message on the official ShareFile® Status Page: "Investigating: Users are currently unable to authenticate into ShareFile. Engineering is investigating." and meanwhile "Identified – The issue has been identified and a fix is being implemented.". So it should be up and running again soon.

Posted in Cloud, issue

Chrome browser installs apps/shortcuts on Windows & Linux clients automatically, without user consent

Yesterday a German blog reader and administrator in an enterprise environment emailed me about an unpleasant observation. The Google Chrome browser is automatically creating shortcuts or installing its own apps in their Windows environment. After I published the German edition of this blog post, I got more confirmation, but currently it isn't clear what triggers this or how to prevent this behavior. Addendum: Linux is also affected.

Posted in browser, issue, Windows

CloudNordic: Ransomware, and suddenly the Danish cloud was knocked out

Customers of Danish cloud provider CloudNordic have successfully learned what it means to share responsibility. The provider had a ransomware infection when moving to a new data center, so the cloud offering was completely knocked out for the clientele. The provider had to inform customers that all servers and customer data had been wiped. In addition, CloudNordic stated that it does not want to and cannot pay the ransom demand of the cybercriminals. If you don't have a backup, it's now "time to call it quits" and everything has to be restarted manually.

Posted in Cloud, Security