[German]Anyone using the Papercut MF/NG print management solution under Windows should urgently patch the product. A critical RCE vulnerability CVE-2023-39143 that has just been disclosed allows PaperCut servers to be taken over. The vendor has already released a corresponding security patch to eliminate the vulnerability.
[German]I would like to ask the administrators among the readership if anyone else is experiencing the effect mentioned here. An administrator contacted me because he has been getting reports of supposedly corrupt notifications from Teams for days. In use is Exchange Online and also the ZAP feature of Defender from Microsoft Office 365.
[German]If anyone is wondering why malware is repeatedly found in Android apps that are quite officially available in the Google Play Store, there is an explanation. Google's security team has now confirmed that attackers are using dynamic code loading to bypass malware detection in the Play Store.
[German]Broken Windows installations can be repaired by "installing over" the operating system (known as "Inplace Upgrade"). Now there are reports that Microsoft is internally working on a feature that will enable such a repair by an "Inplace Upgrade" via Windows Update. At least in Windows 11 Insider Preview, this previously hidden function can be tested. Overall, however, the whole thing sheds light on Microsoft's quality and development status – Windows 11 is so broken that it needs an integrated function to make the system usable again via reinstallation.
[German]Microsoft has just issued a warning to Teams users because they have encountered phishing campaigns targeting this clientele. Behind these phishing campaigns are Russian attackers that Microsoft names Midnight Blizzard (or NOBELIUM. APT29, UNC2452 and Cozy Bear). The group's goal is to obtain credentials from victims, specifically in the government, non-governmental organization (NGO), IT services, technology, discrete manufacturing, and media sectors.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]The days the Mozilla developers had released the versions 116.0.0 of the Firefox browser. Now version 116.0.1 has already been added. The release notes says that a bug has been fixed: Fixed an issue which caused chart elements to render incorrectly for Windows users.
[German]Microsoft mistakenly released the so-called "staging tool" that is used internally to unlock features in Windows 11. The tool was of course immediately withdrawn, but the leak was noticed and a copy of the staging tool is now circulating. Now Microsoft is trying to block the use of the tool. Below, for interested readers, is a brief overview of what's going on.
[German]Since the Office updates of late June 2023, users have been complaining about a new bug in Outlook. Outlook asks at every start if windows open in the previous session (which do not exist) should be opened again. I had reported in the blog – now Microsoft has published a workaround that looks very familiar to me. Continue reading
[German]The developers of Thunderbird have released another update of the email client to version 115.1.0 and to 102.14 on August 1-2, 2023. These are updates which fix bugs and vulnerabilities.
[German]Security vendor Tenable has made serious accusations against Microsoft. A critical vulnerability in Azure Active Directory (AAD, recently EntraID) has been known since March 2023, but has not yet been patched. The CEO of security vendor Tenable, Amit Yoran, sharply criticizes Microsoft's handling of security issues. More than 40 percent of all particularly acute vulnerabilities in recent years are related to Microsoft products. This comes at an inopportune time for Redmond, as the hack of Microsoft Azure services by the suspected Chinese group Storm-0558 has already caused enough waves. Addendum: Microsoft has patched the vulnerability on August 7, 2023.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
