[German]Security researchers from Aqua Security came across several vulnerabilities in Microsoft's PowerShell gallery some time ago. The vulnerabilities were then reported to Redmond, where unsuccessful attempts were made to fix the bugs with patches. Now the security researchers have gone public with a report about this a few days ago to warn about these vulnerabilities.
[German]On August 5, 2023, I received an e-mail from Microsoft informing me about changes to the service contract. It says that the service contract has been made "clearer now". If you take a look at the details, you will see that a new AI services category has been added.
[German]I recieved a report from a German administrator, telling me, that inplace upgrades from Windows 10 (22H2) to the current Windows 11 version 22H2 fails in his enterprise environment. The issue has been observed since August 8, 2023. After I've published the German edition of this blog post, more affected users confirmed that. Finally the administrator came back with a solution, the dynamic updates downloaded during setup seems to be the culprit. Here is an overview about that topic.
The US security agency CISA warns about the Citrix ShareFile RCE vulnerability CVE-2023-24489 (CVSS score 9.1) and has added it to its vulnerability list. Citrix ShareFile is a widely used cloud-based file sharing application. The vulnerability being attacked in the wild had been addressed by me as of August 1, 2023 in the blog post Citrix ShareFile RCE vulnerability CVE-2023-24489 is under attack.
[German]A couple of weeks ago, Mozilla's developers has released Firefox version 116.0.0 und then version 116.0.1 on August 7, 2023. On August 16, 2023, version 116.0.3 was added as a new bug fix update. However, I have received a report that there were problems with the copy & paste function of the clipboard with this version – similar to the last WhatsApp update.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]The developers of Thunderbird have released another update of the email client to version 115.1.1 on August 15, 2023. It is an update, which should fix bugs.
[German]Since Microsoft released the March 2023 security updates for Windows 11, some users have complained about performance issues with SSD drives. It mainly affects SSD NVMEs that act as boot drives. Now I've come across a report that these performance issues with SSDs have been resolved by the August 2023 security updates for a majority of those affected.
[German]Google has released updates to the Google Chrome browser 116 in the stable channel for Mac, Linux and Windows on August 15, 2023. These are security updates that will be rolled out in the coming weeks and should eliminate 26 vulnerabilities. Furthermore, there is an update to the Chrome app for Android.
[German]Quick question to my blog readers. I have received a report that URL filtering.in Defender for Endpoint is broken. In this context, it would be interesting to know if there are other people affected or if the reader is an isolated case. The affected companies are those where Defender for Endpoint is used in conjunction with Windows 11 22H2 and Microsoft 365.
[German]It's been a few days since it became known that members of the suspected Chinese cyber group Storm-0558 managed to break into the Exchange Online and private outlook.com accounts of 25 organizations. Now a US senator came forward with the information that he had just been informed by the FBI that his personal email account was affected by this hack. And while we're on the subject, I'll put a second piece of information in this post. Administrators who are responsible for looking after the Microsoft Cloud in companies need to check whether tenants were affected by this hack. If necessary, a data protection incident report must then be submitted to the relevant authorities.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
