Microsoft as a Security Risk? U.S. senator calls for Microsoft to be held accountable over Azure cloud hack- Part 1

Posted on 2023-08-03 by guenni

[German]Is Microsoft and its handling of vulnerabilities in its products now the "top cyber risk"? The hack of Microsoft Azure services by the suspected Chinese group Storm-0558, made possible by a stolen private MSA key, seems to have been the straw that broke the camel's back. U.S. senators have brought the incident and Microsoft's irresponsible handling of security to the table in a hissy letter to U.S. institutions, demanding investigations or consequences.

Continue reading

Posted in General | Tagged , , | Leave a comment

Vulnerability CVE-2023-35082 in Ivanti MobileIron Core (up to version 11.2)

Posted on 2023-08-03 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]After already admitting to two vulnerabilities in July 2023 that were exploited in hacks, Ivanti has confirmed another vulnerability in MobileIron Core (Ivanti Endpoint Manager Mobile, EPMM). According to a new security advisory from Ivanti, there is another vulnerability CVE-2023-35082 in Ivanti MobileIron Core version 11.2 and older that should be fixed by a software update to a new, still supported version.

Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Microsoft has published the TokenTheft playbook

Posted on 2023-08-03 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Small note to administrators who are responsible for or manage services and applications in the (Microsoft) cloud. The theft of tokens can enable attackers to access the corresponding services. As a result of a corresponding incident, Microsoft has therefore published the so-called TokenTheft Playbook. This is an online document with numerous tips for "cloud managers" who have to take care of security and protection against the theft of access tokens.

Continue reading

Posted in Cloud, Security | Tagged , , | Leave a comment

PowerToys 0.72 released

Posted on 2023-08-02 by guenni

Windows[German]Microsoft has released version 0.72 of its free PowerToys for Windows 10 and Windows 11 on August 1, 2023. I have here in the blog no longer reported about these tools and the accompanying weekly water levels, especially since the software often came along with bugs and then caused problems. With the version 0.72 was optimized yes with the size of the installations as well as with the installation directory. Here is an overview of the current status.
Continue reading

Posted in Software, Windows | Tagged , | Leave a comment

Windows: Microsoft intends to disable TLS 1.0 and 1.1 soon by default in Schannel protocol

Posted on 2023-08-02 by guenni

Windows[German]Quick note for administrators in enterprise environments. Microsoft plans to soon deactivate TLS 1.0 and 1.1, which are still used by default in the Schannel protocol (starts in September 2023 with Windows 11 Insider builds). In a statement, the company recommends administrators clarify whether there is a dependency on TLS 1.0 and 1.1. People should be aware of upcoming changes to the Schannel protocol defaults and how to remove dependencies on older TLS versions (or leave them enabled for compatibility).

Continue reading

Posted in Security, Windows | Tagged , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Used Canon printers reveal WLAN password

Posted on 2023-08-02 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[English]Warning to owners of Canon printers who want to take them out of service and sell them – or who operate the devices in WLAN and then have to give them for repair. Manufacturer Canon currently warns that certain devices (inkjet printers of the E-, G- or MX-series, etc.) reveal the WLAN password stored for operation to third parties due to a security vulnerability. Affected are inkjet printers for home use as well as devices for business use in offices.

Continue reading

Posted in devices, Security | Tagged , | Leave a comment

Firefox 116, 115.1 ESR, 102.14 ESR released

Posted on 2023-08-02 by guenni

Mozilla[German]On August 1, 2023, Mozilla developers released the new Firefox 116, as well as the Firefox 115.1 and Firefox 102.14 ESR maintenance updates. The updates closed some vulnerabilities that were rated as High. Here is a brief overview of the updates in question, including the fixes and the new features.

Continue reading

Posted in browser, Security, Software, Update | Tagged | 1 Comment

Citrix ShareFile RCE vulnerability CVE-2023-24489 is under attack

Posted on 2023-08-01 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[English]Security researchers warn that attackers are exploiting the Citrix ShareFile RCE vulnerability CVE-2023-24489 in the wild right now. Citrix ShareFile is a widely used cloud-based file sharing application that is affected by critical remote code execution (RCE) CVE-2023-24489 (CVSS score 9.1). If anyone is using Citrix ShareFile, the vulnerability should be closed urgently.

Continue reading

Posted in Security | Tagged | Leave a comment

WSUS bug preventing updates distributed to Windows 11 22H2/Server 2022 fixed

Posted on 2023-07-31 by guenni

Windows[German]Since February 2022 there was the problem that in Windows Server Update Service (WSUS) updates could not be distributed to clients running Windows 11 22H2 as well as Windows Server 2022. I had even published a corresponding post on the topic in the blog. Now Microsoft has fixed the bug in this area that prevented deploying updates to Windows 11 22H2 as well as Windows Server 2022 in WSUS since February 2022.

Continue reading

Posted in issue, Update, Windows | Tagged , , , , | Leave a comment

Microsoft 365: First Windows Mail and Calendar users will be migrated to the new Outlook at the end of August 2023

Posted on 2023-07-31 by guenni

[English]Microsoft plans to gradually migrate first users of Windows apps Mail and Calandard to the new Outlook app starting in late August 2023. I'm not sure how excited users are about this.

Continue reading

Posted in Office, Windows | Tagged , , | Leave a comment