[German]As of June 13, 2023, various security updates have been released for Windows Server 2008 R2 (in its 4th ESU year) and for Windows Server 2012/R2 (the updates may still install on Windows 7 SP1). Here is an overview of these updates for Windows Server 2008 R2 and Windows Server 2012/R2.
Continue reading
[German]On June 13, 2023 (second Tuesday of the month, patchday at Microsoft), Microsoft also released cumulative updates for Windows 11 22H1 and 22H2. In addition, Windows Server 2022 received an update. Here are some details about these updates, which are supposed to fix vulnerabilities as well as issues.
Continue reading
[German]On June 13, 2023 (second Tuesday of the month, Patchday at Microsoft), several cumulative updates were released for the supported Windows 10 builds (from RTM version to current version) as well as for the Windows Server counterparts. Here are some details on the respective security updates for Windows 10.
[German]On June 13, 2023, Microsoft released security updates for Windows clients and servers, for Office – as well as for other products. The security updates eliminate 78 vulnerabilities, 37 are remote code execution vulnerabilities (six vulnerabilities are rated critical). Below is a compact overview of these updates released on Patchday. A list of updates can be found on this Microsoft page. Details about the update packages for Windows, Office, etc. are available in separate blog posts.
[German]Microsoft has released the security updates for Exchange Server 2016 and Exchange Server 2019 as of June 13, 2023. These security updates close vulnerabilities in this software. The updates are intended to be installed on systems in a timely manner to address the vulnerabilities in question.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Microsoft has released updated administrative template files (ADMX/ADML) for Microsoft 365 Apps for Enterprise/Office LTSC 2021/Office 2019/Office 2016 and Office Customization Tool for Office 2016 as of June 12, 2023.
[German]Don't use Microsoft Edge – and boycott people who use this browser. This is the message of developer Rafael Riviera, which just came to my attention on Twitter. Therefore, a small detour to this topic area.
[German]Fortinet has released an update to the firmware for its Fortigate SSL VPNs on June 9, 2023. But they don't think they mentioned that this firmware update should be installed urgently, as it closes a critical RCE vulnerability in the Fortigate SSL VPNs. The issue has come to my attention on Twitter as well as being reported by blog readers.
The IETF has updated a document "OAuth2 Security Best Current Practices" as of June 6, 2023. The document describes current security best practices for OAuth 2.0, updating and extending the OAuth 2.0 security threat model. It incorporates practical experience gained since the release of OAuth 2.0 and covers new threats that are relevant due to the broader adoption of OAuth 2.0.
[German]Administrators responsible for supporting Progress Software's MOVEit managed file transfer (MFT) solution need to respond again. After the SQL injection vulnerability CVE-2023-34362, which was exploited by a ransomware group and became public at the end of May 2023, comes the next problem. Audits have discovered a new vulnerability that needs to be patched in a timely manner.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
