[German]The security updates for the July 2025 patchday lead to problems in virtual machines. Virtualized instances of Windows Server 2025 and Windows 11 24H2 may no longer start under Hyper-V or VMware ESXi. The same applies to Windows 11 24H or Windows Server 2025 on Azure VMs – where there is now an out-of-band update KB5064489.
Security researchers from Tenable have discovered a vulnerability called GerriScary in Google's open source code review system Gerrit. The vulnerability allowed malicious code to be injected into at least 18 central Google projects, including ChromiumOS (CVE-2025-1568), Chromium, Dart and Bazel. Attackers could have used GerriScary to manipulate existing change requests, bypass release mechanisms and inject malicious code into critical projects.
[German]The US branch of Belkin (provider of SmartHome accessories), has just announced that it will discontinue support for many of its Wemo SmartHome components as of January 31, 2026. From this date, various intelligent Wemo SmartHome components that rely on the cloud will no longer be controllable via the Wemo app.
[German]The UK has a problem with young cyber criminals. British police have arrested four people between the ages of 17 and 20, one of whom is a woman. Those arrested are suspected of carrying out the hack on the British retailers Co-Op, Marks & Spencer (M&S) and Harrods. The companies were unable to work for weeks following a ransomware attack.
[German]I'm posting a finding here in the blog that I came across on the web earlier this year. A user was plagued by a high CPU load under Windows, which was ostensibly caused by the Windows process WmiPrvSE.exe. At the end of the day, it turned out that the Dell Alienware Command Center was responsible for the problem.
[German]Brief information for administrators in corporate environments who use Windows Server Update Services (WSUS) to distribute updates. The service has been unable to synchronize with Microsoft endpoints since 9 July 2025. This problem should be fixed, Microsoft has fixed something on the server side.
[German]On July 8, 2025 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for Microsoft Office 2016, as well as the C2R variants (Office 2016-2021 and 365) and other products. This month, serious vulnerabilities in Office were closed. Below you will find an overview of the available updates.
[German]Since July 9, 2025 (C.E.T.) German blog readers reporting, that their Windows Server Update Services (WSUS) are failing to sync with Microsoft's update servers. The endpoint from Microsoft isn't reachable and WSUS can't download the July 2025 security updates from Microsofts update server. Addendum: It's fixed.
[German]On July 8, 2025 (second Tuesday of the month, Patchday at Microsoft), various cumulative updates were released for the supported versions of Windows Server. Below I have extracted the provided updates along with some details for these Windows Server versions (from Windows Server 2012 to 2025).
[German]On July 8 (second Tuesday of the month, Patchday at Microsoft), Microsoft released cumulative updates for the still supported client operating system versions of Windows 10 and Windows 11. Here are some details about these updates, which are intended to fix vulnerabilities and problems.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
