Thunderbird 102.7.1

Posted on 2023-02-01 by guenni

[German]The developers of Thunderbird have released another update of the email client to version 102.7.1 on February 1, 2023. It is a bug-fix update, which is supposed to fix some problems. In addition, a vulnerability that was rated as high has been closed. Just updated the client on my end.

Continue reading

Posted in Security, Software, Update | Tagged | Leave a comment

Firefox 109.0.1 released

Posted on 2023-02-01 by guenni

Mozilla[German]Mozilla developers have released versions 109.0 .1 of the Firefox browser on January 31, 2023. It is a bugfix update that is supposed to fix some minor issues.

Continue reading

Posted in browser, Software, Update | Tagged | Leave a comment

.NET out-of-band update fixes XPS rendering issue in documents (Jan. 31, 2023)

Posted on 2023-02-01 by guenni

Update[German]Microsoft has surprisingly released an unscheduled out-of-band update for .NET Framework on January 31, 2023. This should fix problems with XPS documents, which were caused by security updates from December 2022 in .NET Framework – I had reported in the blog. The update must be installed separately. The workarounds issued in December 2022 should then no longer be necessary.

Continue reading

Posted in issue, Software, Update | Tagged , , | Leave a comment

QNAP warns about vulnerability CVE-2022-27596 in QTS 5.0.1 and QuTS hero h5.0.1

Posted on 2023-02-01 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]NAS manufacturer QNAP has issued a security warning for its QNAP products. There is a critical vulnerability CVE-2022-27596 in the QTS 5.0.1 and QuTS hero h5.0.1 software that allows malicious code injection into the firmware. The critical vulnerability has been assigned a CVSS v3 score of 9.8. Firmware updates are now available to close the vulnerability. An update should be installed immediately. Pver 29,000 devices are vulnearable.

Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Windows 11 22H1: RDP issues fixed by preview update

Posted on 2023-01-31 by guenni

Windows[German]Users have been complaining about problems with remote desktop connections (RDP) under Windows 11 22H2 for months. In deed, first reports about that issue has been public sice December 2021. Last week, Microsoft released a preview update for Windows 11 22H2, which is supposed to fix confirmed RDP problems.

Continue reading

Posted in issue, Software, Windows | Tagged , , , | Leave a comment

CERT Warning: Default KeePass Setup Allows Password Theft (CVE-2023-24055)

Posted on 2023-01-30 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Warning to users of KeePass Password Safe for managing passwords and credentials. The Cyber Emergency Response Team from Belgium (CERT.be) published a warning about KeePass on January 27, 2023. In the default setup, write access to the XML configuration file is possible. This leads to r vulnerability CVE-2023-24055, which could open the way for an attacker to obtain the plaintext passwords by adding an export trigger (Unauthenticated RCE, Information disclosure). However, there are lesser known ways to harden the setup somewhat – whether it is useful is another story. Here is an overview of this topic.

Continue reading

Posted in Security | Tagged | Leave a comment

20,000 accounts hacked at Dutch online mail-order pharmacy DocMorris (Jan. 2023)

Posted on 2023-01-30 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Trouble for customers of the online mail-order pharmacy DocMorris. The mail-order company had already restricted payment options days ago due to invoice fraud and requires payment in advance. Now it is reported that 20,000 user accounts at DocMorris were hacked via a credential stuffing attack. DocMorris has blocked these accounts.

Continue reading

Posted in Security | Tagged | Leave a comment

Sysinternals RDCMan, Sysmon and ZoomIt updated

Posted on 2023-01-29 by guenni

Windows[German]The Sysinternals team updated the RDCMan (remote desktop session management), Sysmon (host monitoring tool) and ZoomIt (allows screen magnification and annotations) tools for Windows at the end of January 2023. These are bug fixes in the tools mentioned here.

Continue reading

Posted in Software, Windows | Tagged , | Leave a comment

Windows Update CSP page refreshed (Jan. 2023)

Posted on 2023-01-29 by guenni

Windows[German]Quick note to administrators of Windows environments. Microsoft has updated the Policy CSP – Update web page as of January 27, 2023. This page documents group policies for Windows Update and now shows which policies should be used for what in Windows 10/Windows 11 and which are old policies that Microsoft does not recommend.

Continue reading

Posted in Update, Windows | Tagged , | Leave a comment