[German]Now it's confirmed what was only hinted at before. The developers are phasing out Microsoft Support Diagnostic Tool (MSDT) support for Windows 11 (and successor versions) in 2025. The first steps will be taken starting in 2023. The reason for this move is likely to be security considerations on Microsoft's part. Here is some information about what exactly is involved.
Continue reading
[German]In mid-January 2023 month, I had pointed out a local NTLM authentication vulnerability (CVE-2023-21746) in my German blog post Nach RemotePotato0 kommt die Windows Local Potato NTLM-Schwachstelle (CVE-2023-21746). The two security researchers Andrea Pierini &anAntonio Cocomazzi refer to this as LocalPotator, but had not disclosed details at the time. Now the security researcher has disclosed the details of this vulnerability within the article LocalPotato – When Swapping The Context Leads You To SYSTEM. Microsoft has already patched this vulnerability with the January 2023 updates for Windows.
[German]The developers of the password safe KeePass have improved the new version KeePass 2.53.1 with regard to the vulnerability CVE-2023-24055. Specifically, the export function for passwords has been secured. This was preceded by a warning from the Cyber Emergency Response Team from Belgium (CERT.be) on January 27, 2023, which pointed out a vulnerability. Passwords could potentially be easily exported by a local attacker.
[German]Microsoft raised the Edge browser in the stable channel to version 110.0.1587.41 on February 9, 2023. This is a new development branch that brings new features, but is no longer supported on Windows 7 SP1, Windows 8.1 and the server counterparts. It also closes security holes. Here's an overview of what's new.
[German]The security updates for Windows 10 and Windows 11 released on November 8, 2022 can cause problems with DirectX on Intel GPUs in certain constellations. Outdated graphics drivers from Intel cause the apphelp.dll library from Microsoft to report an error and there are problems with DirectX. However, this has only now been confirmed by Microsoft.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Small addendum from yesterday, didn't get to it due to private appointments. Adobe and Microsoft announced Wednesday, Feb. 8, 2023, that Microsoft will implement Adobe Acrobat as the new default PDF reader in the Edge browser. The two companies are celebrating this as an innovation. It rather makes my head hurt as I see the Adobe PDF reader as more of a security hole and see many, many Microsoft Edge security updates and more trouble on the horizon.
[German]Short addendum, I have not gotten to it yet. Google has already released updates of the Google Chrome browser 110 in the stable channel for Mac, Linux and Windows until February 7, 2023. Thanks to Robert for the hint. Continue reading
[German]The developers of Thunderbird have released another update of the email client to version 102.7.2 on February 7, 2023. It is a bug-fix update, which should fix some problems. Just updated the client on my end.
Continue reading
[German]Since last weekend, cyberattacks on vulnerable ESXi servers have been ongoing worldwide and there are probably a number of people affected (in Germany, a three-digit number is said to be affected). The attackers are exploiting a vulnerability that was already closed in 2021. Cybersecurity authorities around the world are warning of this danger. The US CISA has now published a recovery script to restore VMs for victims of the ESXiArgs ransomware.
[German]Today a topic that might have put one or the other user in an unpleasant situation. A machine with Windows 10 Home Edition (or Windows 11 Home) suddenly requests a Bitlocker key after an update or other change. The user stands like a duck in a thunder storm, since he does not have this key and is actually not aware of ever having done anything with Bitlocker. The cause is a stupid chain of inadequacies in the form of Microsoft's implementation and the OEMs' anticipatory obedience.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
