Patchday: Microsoft Office Updates (April 11, 2023)

Update[German]On April 11, 2023 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for still-supported Microsoft Office versions and other products. The April 2023 patchday ends support for Office 2013, and two critical remote code execution vulnerabilities are closed in MS Publisher. Below is an overview of the available updates.

Continue reading

Posted in Office, Security, Update | Tagged , , , | Leave a comment

Windows 7/Server 2008 R2; Server 2012 R2: Updates (April 11, 2023)

Windows[German]As of April 11, 2023, various security updates have been released for Windows Server 2008 R2 (in the 4th ESU year) and for Windows Server 2012/R2 (the updates may still run on Windows 7 SP1). Here is an overview of these updates for Windows Server 2008 R2 and Windows Server 2012/R2.
Continue reading

Posted in Security, Software, Update, Windows | Tagged , , , , | Leave a comment

Patchday: Windows 11/Server 2022 Updates (April 11, 2023)

Windows[German]On April 11, 2023 (second Tuesday of the month, Microsoft patch day), Microsoft also released cumulative updates for Windows 11 22H1 and 22H2. In addition, Windows Server 2022 received an update. Here are some details about these updates, which are supposed to fix vulnerabilities as well as issues.
Continue reading

Posted in General | Tagged , , , , | Leave a comment

Patchday: Windows 10 Updates (April 11, 2023)

Windows[German]On April 11, 2023 (second Tuesday of the month, patchday at Microsoft), several cumulative updates were released for the supported Windows 10 builds (from RTM version to current version) as well as for the Windows Server counterparts. Here are some details on the respective security updates for Windows 10.
Continue reading

Posted in Security, Update, Windows | Tagged , , , | Leave a comment

Microsoft Security Update Summary (April 11, 2023)

Update[German]On April 11, 2023, Microsoft released security updates for Windows clients and servers, for Office – as well as for other products. The security updates fix 97 CVE vulnerabilities, seven of which are critical and one is a 0-day vulnerability. Below is a compact overview of these updates released on Patchday.A list of updates can be found on this Microsoft page. Details on the update packages for Windows, Office, etc. are available in separate blog posts.

Continue reading

Posted in Office, Security, Software, Update, Windows | Tagged , , , , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...


Microsoft fixes 5-year-old Defender bug that slows down Firefox

Mozilla[German]A few days ago, Microsoft fixed a bug in Defender that had been known for five years. The bug caused Defender to create a high CPU load on Windows when the Firefox browser was running. Users had to create an exception for Firefox in Defender to work around the problem. That is no longer necessary.

Continue reading

Posted in browser, Security, Windows | Tagged , , | 2 Comments

Intel driver 31.0.101.2121 stalls with error code 8 during installation

Windows[English]Brief note for users who want to use the Intel graphics driver 31.0.101.2121 under Windows and suddenly get an error code 8 displayed during installation. The problem is known – the GPU is not supported (support for Skylake 6th generation GPUs has been removed from the driver, which was not originally documented on the driver page). However, there is a workaround if anyone still wants to use the driver on Windows 10/11.

Continue reading

Posted in Software, Windows | Tagged , , | 1 Comment

AlienFox: Toolkit to compromise email and web hosting services in the cloud

Sicherheit (Pexels, allgemeine Nutzung)[German]AlienFox is a toolkit for compromising email and web hosting services. This toolkit is highly modular, comes in multiple versions, and attempts to exploit misconfigurations in the cloud to grab credentials for services such as AWS, Microsoft 365, Google Workspace, 1and1, etc. Security researchers from SentinelLabs, the research division of SentinelOne, have analyzed multiple versions of AlienFox and are making their findings available. Companies should arm themselves accordingly and protect themselves from attacks by the toolkit.

Continue reading

Posted in Cloud, Security | Tagged , | Leave a comment

Additional information about the compromised 3CX desktop app

Sicherheit (Pexels, allgemeine Nutzung)[German]The 3CX Desktop app from phone system provider 3CX was infected with malware via supply chain attack. As a follow-up, I have some additional information. For example, the incident has now been confirmed by 3CX and both Cyble and Kasperky have provided analysis. According to Kaspersky, the North Korean hacker group Lazarus seems to be connected to the attack. The attack was also made possible because a vulnerability in Windows, known for 10 years, was declared by Microsoft to be only "opt-in" to close – hardly anyone knows about this possibility. And not all virus scanners recognize the threat.

Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Citrix Cloud Connector May 2023 upgrade requires new DigiCert G4 root and intermediate certificates

[German]Brief note for administrators who are responsible for the deployment of the Citrix Cloud Connector. Normally, there is no need to worry about an update of this connector. However, in early May 2023, there is a connector update that administrators should be take care of. The installation of the update in question requires that the required DigiCert G4 root and intermediate certificates have been updated beforehand.

Continue reading

Posted in Cloud, Security, Software | Tagged , , | Leave a comment