Microsoft Security Update Summary (April 11, 2023)

Posted on 2023-04-12 by guenni

Update[German]On April 11, 2023, Microsoft released security updates for Windows clients and servers, for Office – as well as for other products. The security updates fix 97 CVE vulnerabilities, seven of which are critical and one is a 0-day vulnerability. Below is a compact overview of these updates released on Patchday.A list of updates can be found on this Microsoft page. Details on the update packages for Windows, Office, etc. are available in separate blog posts.

Continue reading

Posted in Office, Security, Software, Update, Windows | Tagged , , , , | Leave a comment

Microsoft fixes 5-year-old Defender bug that slows down Firefox

Posted on 2023-04-11 by guenni

Mozilla[German]A few days ago, Microsoft fixed a bug in Defender that had been known for five years. The bug caused Defender to create a high CPU load on Windows when the Firefox browser was running. Users had to create an exception for Firefox in Defender to work around the problem. That is no longer necessary.

Continue reading

Posted in browser, Security, Windows | Tagged , , | 2 Comments

Intel driver 31.0.101.2121 stalls with error code 8 during installation

Posted on 2023-04-11 by guenni

Windows[English]Brief note for users who want to use the Intel graphics driver 31.0.101.2121 under Windows and suddenly get an error code 8 displayed during installation. The problem is known – the GPU is not supported (support for Skylake 6th generation GPUs has been removed from the driver, which was not originally documented on the driver page). However, there is a workaround if anyone still wants to use the driver on Windows 10/11.

Continue reading

Posted in Software, Windows | Tagged , , | 1 Comment

AlienFox: Toolkit to compromise email and web hosting services in the cloud

Posted on 2023-04-11 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]AlienFox is a toolkit for compromising email and web hosting services. This toolkit is highly modular, comes in multiple versions, and attempts to exploit misconfigurations in the cloud to grab credentials for services such as AWS, Microsoft 365, Google Workspace, 1and1, etc. Security researchers from SentinelLabs, the research division of SentinelOne, have analyzed multiple versions of AlienFox and are making their findings available. Companies should arm themselves accordingly and protect themselves from attacks by the toolkit.

Continue reading

Posted in Cloud, Security | Tagged , | Leave a comment

Additional information about the compromised 3CX desktop app

Posted on 2023-04-10 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]The 3CX Desktop app from phone system provider 3CX was infected with malware via supply chain attack. As a follow-up, I have some additional information. For example, the incident has now been confirmed by 3CX and both Cyble and Kasperky have provided analysis. According to Kaspersky, the North Korean hacker group Lazarus seems to be connected to the attack. The attack was also made possible because a vulnerability in Windows, known for 10 years, was declared by Microsoft to be only "opt-in" to close – hardly anyone knows about this possibility. And not all virus scanners recognize the threat.

Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Citrix Cloud Connector May 2023 upgrade requires new DigiCert G4 root and intermediate certificates

Posted on 2023-04-10 by guenni

[German]Brief note for administrators who are responsible for the deployment of the Citrix Cloud Connector. Normally, there is no need to worry about an update of this connector. However, in early May 2023, there is a connector update that administrators should be take care of. The installation of the update in question requires that the required DigiCert G4 root and intermediate certificates have been updated beforehand.

Continue reading

Posted in Cloud, Security, Software | Tagged , , | Leave a comment

Microsoft 365: Outlook.com can't send/receive mails, due to reaching Microsoft's OneDrive file limit

Posted on 2023-04-09 by guenni

[German]Nasty surprise for Microsoft 365 users who use Microsoft's Outlook.com email service. Users of the free email service may suddenly find that they can no longer receive or send mails. The reason given for the Outlook.com going on strike is that the available storage capacity of OneDrive has been exceeded. The cause of this effect is a change in the OneDrive storage limit policy on February 1, 2023, which has now been rolled out more broadly. This is because Microsoft now also includes email attachments for Outlook.com in the 5 GB OneDrive storage limit.

Continue reading

Posted in Cloud, issue | Tagged , , | Leave a comment

Google Dropcam and Nest Secure reaches End of Live on April 8, 2024

Posted on 2023-04-09 by guenni

[German]Bad news for users of Google's home automation products like the Nest Thermostats, the Dropcam camera or the Google Secure solutions. Google has announced that their support will be discontinued on April 4, 2024. The solutions in question will then no longer be accessible via app and will become more or less useless, as support will be missing. Here is a short overview of what Google has announced.

Continue reading

Posted in Cloud, Security, Software | Tagged , , , , | Leave a comment

Issues with new 365 tenant/accounts – Migration Exchange 2013 to Exchange Online

Posted on 2023-04-08 by guenni

Exchange Logo[German]This month, support for Microsoft Exchange 2013 expires, so administrators are facing a switch to Exchange 2019 or Exchange Online. A blog reader emailed me the other day because he ran into problems when migrating customers from Microsoft Exchange 2013 to Exchange Online. I'm posting the reader's experience report here – maybe it will help others who are affected.

Continue reading

Posted in Cloud, issue | Tagged , | 3 Comments

Windows 10 21H2: Support expires in June 2023

Posted on 2023-04-08 by guenni

Windows[German]Microsoft has reminded Windows 10 users as of April 6, 2023 that support for version 21H2 will expire in June 2023. After that, these builds will not get any security updates. Users of version 21H2 have two options: Either they update the operating system to version 22H2. Or they check whether the machine is compatible for Windows 11 22H2 and switch to this version – at least that is what Microsoft writes. Another alternative would be to switch to a Linux distribution, provided that the required functions are available on this platform. And there would be the option of switching to Windows 10 1909 IoT LTSC – there is support there until 2029.

Continue reading

Posted in Security, Update, Windows | Tagged , , | Leave a comment