[German]Microsoft has released the security updates for Exchange Server 2016 and Exchange Server 2019 as of June 13, 2023. These security updates close vulnerabilities in this software. The updates are intended to be installed on systems in a timely manner to address the vulnerabilities in question.
[German]Microsoft has released updated administrative template files (ADMX/ADML) for Microsoft 365 Apps for Enterprise/Office LTSC 2021/Office 2019/Office 2016 and Office Customization Tool for Office 2016 as of June 12, 2023.
[German]Don't use Microsoft Edge – and boycott people who use this browser. This is the message of developer Rafael Riviera, which just came to my attention on Twitter. Therefore, a small detour to this topic area.
[German]Fortinet has released an update to the firmware for its Fortigate SSL VPNs on June 9, 2023. But they don't think they mentioned that this firmware update should be installed urgently, as it closes a critical RCE vulnerability in the Fortigate SSL VPNs. The issue has come to my attention on Twitter as well as being reported by blog readers.
The IETF has updated a document "OAuth2 Security Best Current Practices" as of June 6, 2023. The document describes current security best practices for OAuth 2.0, updating and extending the OAuth 2.0 security threat model. It incorporates practical experience gained since the release of OAuth 2.0 and covers new threats that are relevant due to the broader adoption of OAuth 2.0.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Administrators responsible for supporting Progress Software's MOVEit managed file transfer (MFT) solution need to respond again. After the SQL injection vulnerability CVE-2023-34362, which was exploited by a ransomware group and became public at the end of May 2023, comes the next problem. Audits have discovered a new vulnerability that needs to be patched in a timely manner.
[German]Microsoft has been struggling with outages in its cloud services (Exchange Online, Outlook.com) for days. As of June 9, 2023, the services of Microsoft Azure (probably worldwide) were disrupted. May be technical in nature – but rumor persists that attackers may be partly responsible. A cyber group Anonymous Sudan claims to attack Microsoft and be responsible for the disruptions.
[German]The Mozilla developers just had released the versions 114.0 of the Firefox browser (see). Now the version 114.0.1 was pushed after. The release notes of Firefox 114.0.1 from June 9, 2023 only contain the note: Fix a startup crash (bug 1837201).
[German]Microsoft's Edge update to version 114.0.1823.41 from June 6, 2023, seem to have caused some issues for some users. I've received reports of crashes – and another administrator complains about "useless stuff" that was displayed in Edge in his corporate environment. Here's a quick rundown. Meanwhile, version 114.0.1823.43 of Edge is distributed.
[German]Varonis security researchers have discovered a problem associated with Salesforce sites that are orphaned and no longer in use. Varonis Threat Labs security researchers have discovered that improperly disabled Salesforce sites, known as ghost sites, continue to retrieve current data and are accessible to attackers: By manipulating the host header, cybercriminals can gain access to sensitive personal data and business information.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
