[German]Microsoft Exchange Server hybrid configurations are vulnerable to the elevation of privilege vulnerability CVE-2025-53786. Over 28,000 instances are still unpatched. The US CISA has given authorities until Monday, August 11, 2025, to patch the vulnerability. Here is an overview
[German]Microsoft offers biometric authentication via Windows Hello on Windows 10 and Windows 11. Logging in securely using facial recognition or fingerprints instead of passwords? Not really, according to German security researchers, who warn against using Windows Hello in corporate environments.
[German]The Microsoft Lens mobile app will be discontinued on September 15, 2025. Microsoft just announced this in the Microsoft 365 Admin Center. Its replacement will be—you guessed it—Microsoft Copilot.
[German]Cannonical released Ubuntu 24.04.3 LTS (Noble Numbat) as a point release on August 8, 2025. The Ubuntu version provided for its desktop, server, and cloud products comes with long-term support.
[German]Another brief summary of security vulnerabilities in devices. At the end of July 2025, Lenovo notebooks reported vulnerabilities that could be closed via UEFI updates. And in Dell notebooks, a vulnerability called ReVault was found in the ControlVault3 firmware for Broadcom chips. NVIDIA GPUs are vulnerable to an attack called GPUHammer and should be protected against it via ECC testing.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]On August 8, 2025, Microsoft updated its template files (Administrative Templates, ADMX/ADML files) for Microsoft Office 2016 and higher to version 5516.1000. The template files contain the group policies for managing Microsoft Office.
[German]I'm going to quickly mention something I just came across here in the blog. The download section of the Microsoft website does not offer ADMX templates for Microsoft Office for download – an error message appears. Here is my (changing and supplementary) summary. Addendum: The broken link has been fixed and there is a new ADMX version.
[German]Someone among the blog readership who relies on SonicWall. There have been reports for days that attacks on SonicWall firewalls are being observed. It seems to relate to the SSL VPN function of the Gen 7 SonicWall firewalls. It is unclear whether an unknown vulnerability is being exploited.
[German]Another note for administrators of Microsoft Exchange Server hybrid configurations. Microsoft points out that these configurations are at risk from an Elevation of Privilege vulnerability (CVE-2025-53786). However, there is a hotfix to eliminate this vulnerability in these hybrid configurations and instructions to secure the installation.
[German]Quick survey for administrators among my blog readers: Is there a problem with OneDrive, and how are you dealing with it? In July 2025, Microsoft began allowing OneDrive Personal users to synchronize OneDrive for Business as well. How are you dealing with this issue, which could pose a security problem?
MVP:
2013 – 2016
WIMVP:
2017 – 2020
