Microsoft's recommendations for Exchange Server 0-day vulnerability ZDI-CAN-18333

Posted on 2022-09-30 by guenni

Exchange Logo[German]Last night I had reported on the blog about a 0-day vulnerability ZDI-CAN-18333 in Microsoft's on-premises Exchange Servers, which is already being exploited in the wild. Within hours, Microsoft has now responded and confirmed that they are currently investigating two reported zero-day vulnerabilities (CVE-2022-41040, CVE-2022-41082) affecting Microsoft Exchange Server 2013, 2016 and 2019. At the same time, Microsoft is providing affected administrators with guidance on what to do to protect against these zero-day vulnerabilities until appropriate security updates are available.

Continue reading

Posted in Security, Software | Tagged , , | 2 Comments
Advertising

Exchange Server servers attacked via 0-day exploit (Sept. 29, 2022)

Posted on 2022-09-30 by guenni

Exchange Logo[German]There are reports that a new zero-day exists in Microsoft Exchange that is being actively exploited in the wild. Security researchers confirm that some installations – including a honeypot – are already infected. Details about the zero-day are not yet available. Here's an overview of what I know so far and what, if anything, can be done to detect attacks.

Continue reading

Posted in Security, Software | Tagged , | Leave a comment

How to find weak passwords in Active Directory and eliminate them with PowerShell

[Sponsored Post]Weak or compromised passwords are a known gateway for attackers. If you are able to identify which users in Active Directory (AD) are threatened by this, then PowerShell can help to remedy it. However, PowerShell scripts cannot eliminate basic AD deficits, other tools are needed for this. More ...

Tip: Exchange Health Checker – Script extensions by Frank Zöchling

Posted on 2022-09-30 by guenni

Exchange Logo[German]Microsoft offers the Exchange Health Checker, a PowerShell script to check on-premises Exchange installations for problems. The script is continuously developed by Microsoft. Frank Zöchling has now extended the Exchange Health Checker with a script to automatically make important settings when checking an Exchange installation.

Continue reading

Posted in Software | Tagged | Leave a comment
Advertising

Thunderbird 102.3.1 released

Posted on 2022-09-29 by guenni

[German]The developers of Thunderbird have released another update of the email client to version 102.3.1 on September 28, 2022. It is a bug-fix update, which should fix a number of problems and vulnerabilities.

Continue reading

Posted in Security, Software, Update | Tagged | Leave a comment

Barracuda Networks: Spam filter/virus scan blocks mails globally (September 29, 2022)

Posted on 2022-09-29 by guenni

Stop - Pixabay[German]Brief notification for administrators who use a mail protection / security solution from Barracuda Networks in an enterprise environment. Since tonight (September 29, 2022) there seems to be a problem that emails get stuck in their spam filters (Email Security Gateway or Barracuda Email Protection) and are not forwarded. The whole thing seems to be a global problem – although there is almost no information available.

Continue reading

Posted in issue, Security, Software | Tagged , , | 9 Comments
Advertising

Chrome 106.0.5249.61/62 released

Posted on 2022-09-29 by guenni

Chrome[German]Google has released the update of Google Chrome 106.0.5249.61 for Mac/Linux and Chrome 106.0.5249.61/62 for Windows on September 28, 2022. It is a new development branch, with the update fixing 20 vulnerabilities.

Continue reading

Posted in browser, Linux, macOS, Security, Update, Windows | Tagged | 1 Comment

Malware trend August 2022: Emotet no more #1

Posted on 2022-09-28 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]CheckPoint has released its Global Threat Index for August 2022, a top list of malware infections. Surprisingly for me, the previously frequently mentioned Emotet ransomware has been displaced from the top spot it held in previous months. Now, a malware called FormBook is in the No. 1 spot, followed by AgentTesla, the latter being no stranger either. Here is some information on the threat landscape provided to me by CheckPoint.

Continue reading

Posted in Security | Tagged | Leave a comment

Windows 11 22H2: Out-of-band update KB5019311 (Sept. 27, 2022)

Posted on 2022-09-28 by guenni

Windows[German]Microsoft has released an out-of-band update KB5019311 on September 27, 2022, for Windows 11, version 22H2. This update is supposed to fix localization issues in the setup files. Thouse issues have been detected in non English versions of Windows 11 22H2.

Continue reading

Posted in Update, Windows | Tagged , , , | Leave a comment
Advertising

HP printers: Critical vulnerability (Sept. 2022)

Posted on 2022-09-27 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]HP has published a warning about a buffer overflow vulnerability in the firmware of various printer models (Inkjet, Laserjet Pro and HP PageWide Pro printers) on September 21, 2022. One vulnerability even potentially allows remote code execution (RCE). Firmware updates for the affected printer models are now available.

Continue reading

Posted in devices, Security | Tagged , | 1 Comment

Windows batch files: Strange behavior of the IF command

Posted on 2022-09-27 by guenni

Windows[German]German blog reader Frank contacted me about a problem on Windows that I don't really have an explanation for. Originally it was about the IF command in batch files returning wrong values when comparing. So Frank tested the whole thing with PowerShell and found something similar there. Only a test program written with VB .NET delivered the expected results. Since the batch program also delivers the same, incorrect, results under Windows 7, I assume that Frank and I have overlooked something. I'll post the problem here in the blog – maybe a reader will notice something.

Continue reading

Posted in Windows | Tagged | Leave a comment