[English]In February 2023, I had a poll on the blog regarding connection issues with Microsoft 365 applications. Some administrators had responded with confirmations. Now an administrator has contacted me on the blog, and posted a solution that works for him, which I am adding as an addendum.
[German]Since Microsoft and Windows system administrators are investing more in macro security, attacks via this vector are becoming more difficult. Cybercriminals are looking for new ways to deliver malware to users. OneNote occupies a prominent position as a gateway – but other files and the Mark of the Web vulnerability in Windows have also been increasingly used for attacks recently.
[German]A couple of days ago a German user contacted me with a strong observation. On a fresh installed Windows 11 22H2 he received an event log entry that says (translated) "Windows Security Health Service exe no longer functioning". In addition, there are display errors in the Defender settings page. The strange thing is that the error happens to one user right after rebooting the system. It seems, that a Defender update brokes something.
[German]Short note for users who use NoSpamProxy to filter mails. The developers have released version 14.0.5 – those who still have an older version installed should update. The background is that the provider Cyren discontinues its services.
[German]It has been known since November 2022 that there is a Bitlocker bypass vulnerability CVE-2022-41099 in the Windows Recovery Environment (WinRE). Patching it, however, is anything but easy (see blog post Windows 10: Be aware of WinRE WinRE patch to fix Bitlocker bypass vulnerability CVE-2022-41099). Now Microsoft has released a script to install the WinRE BitLocker bypass fix on systems.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]It is a strange story that a user reported and probably also documented. Because he could not activate an official Windows 10 Pro license purchased from Microsoft with the included product key, he contacted the manufacturer's support. He was not successful either, but then resorted to unusual means that are only known from the cracker scene.
[German]The developers of Thunderbird have released another update of the email client to version 102.9.0 on March 14, 2023. It is a bug fix and security update, which should eliminate vulnerabilities.
Continue reading
[German]The Mozilla developers have released the versions 111.0 and 102.9.0 ESR of the Firefox browser on March 14, 2023. The ESR versions are maintenance updates that are supposed to fix bugs. Firefox 111 is a new development branch. In both updates, vulnerabilities are fixed. Thanks to the reader for the tip.
Continue reading
[German]A critical vulnerability CVE-2023-23397 exists in Microsoft Outlook, which allows third-party privilege exploitation. This vulnerability has been actively exploited by Russian attackers since mid-April 2022. Users and administrators should immediately install the Outlook security updates provided by Microsoft. As part of a patchday recap, I summarize some information in this post.
[German]On March 14, 2023 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for still-supported Microsoft Office versions and other products. A critical remote code execution vulnerability in Word is closed. Below is an overview of the available updates.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
