[German]The security update KB5002427 for Outlook 2016 from July 11, 2023 (as well as the Click-2-Run updates of Office from the same date) cause an unpleasant bug. If the user wants to open links in Outlook 2016, the program displays a security notice. The links simply no longer work. The solution I know so far is to uninstall update KB5002427 (or the latest Office 365 build).
[German]Google has released updates to the Google Chrome browser 115 in the stable channel for Mac, Linux and Windows on July 18, 2023. They are security updates that will be rolled out in the coming weeks and should fix 20 vulnerabilities.
[German]Brief warning to administrators of Citrix NetScaler ADC and Citrix Gateway. The vendor has issued a security advisory warning of a critical remote code execution vulnerability in the products. The vendor has released updates for the affected products, which administrators should apply immediately to the installations they support.
[German]The days the Mozilla developers had released the versions 115.0 of the Firefox browser (see). Now the 115.0.3 ESR version of the browser has been released as of July 18, 2023 (thanks for pointing it out). The release notes of Firefox 115.0.3 ESR only contain the note: Fixed a startup crash for Windows users with Qihoo 360 Antivirus software installed (bug 1843977).
[German]Microsoft has updated the Edge browser to version 114.0.1823.86 as of July 17, 2023. The release notes state that various bugs and performance issues for Microsoft Edge have been fixed.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Today, July 18, 2023, Microsoft's Exchange Online cloud service appears to have been experiencing a [partial] glitch since morning (8 a.m. UTM). German blog readers reported that emails are being blocked. There are various references to issues on 3rd party status pages, and Microsoft's social media team also writes on Twitter that they are investigating reports of disruptions. Here's a brief overview.
[German]A suspected China-based hacking group, dubbed Storm-0558 by Microsoft, was able to gain access to email accounts of about 25 organizations in the Microsoft cloud. In a follow-up late last week, Microsoft followed up with a "comprehensive" text with some limited information about what happened. In a nutshell, Microsoft probably succeeded in stopping the attack (discovered and reported by customers by accident) after weeks. But it is still unclear how the attackers got hold of an abused Microsoft Account (MSA) customer key, and (now corrected) bugs in the Azure code probably enabled the abuse of the MSA key.
[German]The web service virustotal.com (founded by the Spanish company Hispasec Sistemas, taken over by Google), which has been operated by Google since 2012, is popular among security researchers and companies for checking suspicious files for malware. However, there are warnings about how critical automated documents uploaded to Virustotal are with regard to data protection and data leaks, because the data can be viewed by third parties. And even registering with virustotal.com is not a good idea, as a data leak shows. The Austrian media STANDARD has received a list of registered customers of virustotal.com, which disclose names of employees including e-mail addresses. Some of those affected, from secret services or companies, would rather not see their data in public.
[German]A small addendum for administrators of Microsoft's Azure Virtual Desktop: Redmond announced last week that so-called "private links" are now generally available in Azure Virtual Desktop. This should increase the security of connections to Azure Virtual Desktop instances. This is because Private Link ensures that connections to Azure Virtual Desktop instances remain in a trusted and secure private network environment, as they are handled over a secure Microsoft network. This eliminates the need for the service in question to be accessible via the Internet.
[German]On June 13, 2023, a blog reader received a message from Defender for Endpoint (ATP). He was notified that there was an outbound connection to IP 20.119.0.42:443 associated with a hacking group "Storm-0900". Later another reader mentioned such an alert. I'll post the information here on the blog – maybe there are others affected – because the IP belongs to a Microsoft Azure instance.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
