Citrix Workspace App 2203: MSEdgewebview2 causes high resource usage and performance issues

Posted on 2023-04-07 by guenni

[German]Brief note for administrators of Citrix Workspace App 2203: Build 2203 of the Citrix Workspace App in question seems to cause high resource utilization and thus performance problems under Windows. [Addendum: It's not clear to me, if version 2203 LTSC is affected, or if it's a typo and it affects 2303. I use 2203 here, in accordance with Citrix`support post.] The reason is probably due to the webview component of Edge (MSEdgewebview2). Citrix has suggested a workaround, but it is only applicable in certain scenarios.

Continue reading

Posted in Cloud, issue, Software, Virtualization | Tagged , | Leave a comment

Nexx garage door remote controller: Vulnerability allows access for hackers

Posted on 2023-04-06 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Anyone who owns a Nexx home automation system and uses it to remotely control their garage doors now has a fat problem. A vulnerability in the Nexx remote control allows hackers to gain unauthorized access to the garage doors. They can then remotely access this control, open the garage door and possibly enter the garage or even buildings via this route. Unfortunately, there is no countermeasure against such manipulations.

Continue reading

Posted in devices, Security, Software | Tagged , | Leave a comment

Google Chrome 112.0.5615.49/.50

Posted on 2023-04-05 by guenni

Chrome[German]Google has released updates to the Google Chrome browser 112 in the stable channel for Mac, Linux and Windows on April 4, 2023. These are security updates that fix critical vulnerabilities. The apps for Android and iOS have also been updated.

Continue reading

Posted in browser, ios, Software, Update | Tagged , , | Leave a comment

MS OneNote will block 120 dangerous file types in future

Posted on 2023-04-05 by guenni

[German]Microsoft is reacting to the fact that OneNote is now being abused as a malware sling for systems. The application is supposed to block 120 dangerous file types in the future, so that they can no longer be abused for malware attacks by downloads from the Internet.

Continue reading

Posted in Office, Security | Tagged , | Leave a comment

FBI seizes Genesis Market

Posted on 2023-04-05 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]In a coordinated action, the FBI and international law enforcement have seized and taken down the domain of Genesis Market, dismantling one of the most important criminal online platforms. The Genesis Market was a central hub for criminals seeking to purchase stolen credentials as well as tools to harvest such credentials. The Market was linked to millions of cyberattacks, from fraud to ransomware cases.

Continue reading

Posted in Security | Tagged | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Critical vulnerability CVE-2023-1707 in HP printer firmware, no patch available

Posted on 2023-04-05 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Firmware from various laser printers is vulnerable to CVE-2023-1707 vulnerability. Certain HP Enterprise LaserJet and HP LaserJet are potentially vulnerable to information disclosure in managed environments when IPsec is enabled with FutureSmart version 5.6. A patch may be up to 90 days away. Administrators so far only have the option to perform a workaround in the form of a firmware downgrade.

Continue reading

Posted in devices, Security | Tagged , | Leave a comment

KVM bug: Windows VMs can hang at boot after 11 days

Posted on 2023-04-04 by guenni

Stop - Pixabay[German]Over the past few months, some administrators have complained of Windows virtual machine boot issues in conjunction with the monthly security updates. In many cases, this could be traced back to VMware products such as ESXi – or turning off Secure Boote helped get VMs booting again. But there is a bug in certain versions of the virtualizer KVM, which affects e.g. QUEMU or Proxmox users from version 7.x on. Then Windows virtual machines no longer boot if they have been running for more than 11 days. I'll pull this issue out separately.

Continue reading

Posted in Virtualization, Windows | Tagged , | Leave a comment

Hard drive manufacturer Western Digital victim of cyber attack (March 2023)

Posted on 2023-04-03 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Hard drive manufacturer Western Digital admitted to a cyber attack on its IT networks on April 3, 2023. An unauthorized person was able to gain access to the internal IT networks probably already in March this year. The whole thing was noticed on March 26, 2023, the company announced in a message to the public. Whether data has been leaked is currently unknown.

Continue reading

Posted in Security | Tagged | Leave a comment

Windows 11 22H2: Fix for script error in Group Policy Preferences (GPP)

Posted on 2023-04-03 by guenni

Windows[German]Good news for Windows 11 client administrators (version 22H2). Microsoft has fixed the script error in Group Policy Preferences (GPP) in the preview updates from the end of March 2023 and will generally roll out this fix on Patchday in April 2023. This should eliminate the annoying crashes, for example in the Task Scheduler or Group Policy Management Editor.

Continue reading

Posted in issue, Update, Windows | Tagged , , | Leave a comment

Design flaw in WiFi protocol allows attackers to intercept network traffic

Posted on 2023-04-02 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Another small addendum from the end of March 2023. Security researchers have discovered a serious design weakness in the IEEE 802.11 WiFi protocol standard. This weakness could allow attackers to eavesdrop on WLAN access points and transmit network frames in plain text. This could, for example, inject malicious JavaScript commands into the network packets. It is an academic finding, and there is no evidence yet that this flaw is being exploited.

Continue reading

Posted in Security | Tagged | Leave a comment