Windows kernel fix for CVE-2023-32019 enabled for all (August 2023)

Posted on 2023-08-20 by guenni

Windows[German]Small addendum to the vulnerability CVE-2023-32019 in the Windows kernel. Microsoft had patched the relevant vulnerability on patchday (June 13, 2023), but had not armed it. The vulnerability CVE-2023-32019 can be used to obtain information. To enable the fix against the vulnerability, administrators could previously set a registry entry under Windows. Now Microsoft has automatically armed this protection against the vulnerability for all users with the security updates of August 8, 2023.

Continue reading

Posted in Security, Update, Windows | Tagged , , , | 2 Comments

WinRAR Code Execution Vulnerability CVE-2023-40477

Posted on 2023-08-19 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]I don't know how common WinRAR is among the blog readers. WiNRAR developers have fixed a critical code execution vulnerability (CVE-2023-40477) in the software. It is enough to open a compromised archive file to allow attackers to execute arbitrary code on the victim's target system. Therefore, those who use WinRAR should install the latest version 6.23. Addendum: It was suspected, that software products that contain the WinRAR libraries are also affected. But that seems not be true.

Continue reading

Posted in Security, Software, Windows | Tagged , , | Leave a comment

Data leak at NXP Semiconductors

Posted on 2023-08-19 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]There has been a data leak at NXP Semiconductors, a manufacturer of electronic semiconductor components. The Dutch company is the 2006 spin-off of the semiconductor division of Royal Philips. Following the acquisition of Freescale, NXP is Europe's largest semiconductor manufacturer with sales of almost 9 billion euros.

Continue reading

Posted in Security | Tagged | 1 Comment

PowerHell: Attention, unfixed vulnerabilities in the PowerShell gallery

Posted on 2023-08-19 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Security researchers from Aqua Security came across several vulnerabilities in Microsoft's PowerShell gallery some time ago. The vulnerabilities were then reported to Redmond, where unsuccessful attempts were made to fix the bugs with patches. Now the security researchers have gone public with a report about this a few days ago to warn about these vulnerabilities.

Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Changes to the Microsoft Service Agreement as of September 30, 2023

Posted on 2023-08-18 by guenni

Paragraph[German]On August 5, 2023, I received an e-mail from Microsoft informing me about changes to the service contract. It says that the service contract has been made "clearer now". If you take a look at the details, you will see that a new AI services category has been added.

Continue reading

Posted in General | Tagged | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Windows 10 22H2: Inplace Upgrade to Windows 11 22H2 fails since August 8, 2023

Posted on 2023-08-18 by guenni

Windows[German]I recieved a report from a German administrator, telling me, that inplace upgrades from Windows 10 (22H2) to the current Windows 11 version 22H2 fails in his enterprise environment. The issue has been observed since August 8, 2023. After I've published the German edition of this blog post, more affected users confirmed that. Finally the administrator came back with a solution, the dynamic updates downloaded during setup seems to be the culprit. Here is an overview about that topic.

Continue reading

Posted in General | Tagged , , | Leave a comment

CISA warns of Citrix ShareFile RCE vulnerability CVE-2023-24489

Posted on 2023-08-18 by guenni

Sicherheit (Pexels, allgemeine Nutzung)The US security agency CISA warns about the Citrix ShareFile RCE vulnerability CVE-2023-24489 (CVSS score 9.1) and has added it to its vulnerability list. Citrix ShareFile is a widely used cloud-based file sharing application. The vulnerability being attacked in the wild had been addressed by me as of August 1, 2023 in the blog post Citrix ShareFile RCE vulnerability CVE-2023-24489 is under attack.

Posted in Security | Tagged | Leave a comment

Firefox 116.0.3 released with bug fix – problems with Copy&Paste?

Posted on 2023-08-17 by guenni

Mozilla[German]A couple of weeks ago, Mozilla's developers has released Firefox version 116.0.0 und then version 116.0.1 on August 7, 2023. On August 16, 2023, version 116.0.3 was added as a new bug fix update. However, I have received a report that there were problems with the copy & paste function of the clipboard with this version – similar to the last WhatsApp update.

Continue reading

Posted in browser, issue, Update | Tagged , | 1 Comment

Thunderbird 115.1.1

Posted on 2023-08-17 by guenni

[German]The developers of Thunderbird have released another update of the email client to version 115.1.1 on August 15, 2023. It is an update, which should fix bugs.

Continue reading

Posted in Software, Update | Tagged | Leave a comment

Windows 11: SSD drive performance issues fixed by August 2023 updates?

Posted on 2023-08-17 by guenni

Windows[German]Since Microsoft released the March 2023 security updates for Windows 11, some users have complained about performance issues with SSD drives. It mainly affects SSD NVMEs that act as boot drives. Now I've come across a report that these performance issues with SSDs have been resolved by the August 2023 security updates for a majority of those affected.

Continue reading

Posted in issue, Update, Windows | Tagged , , , | Leave a comment