[German]Administrators of Fortinet's FortiNAC and FortiWeb need to take action. The vendor released a security advisory this week and fixed critical RCE vulnerabilities. The question that arises: Why only now, isn't the vulnerability CVE-2021-42756 probably known since 2021? Is there something being exploited in the wild? Here is some information about it.
Kevin Gallo has been a developer at Microsoft since 1993 and until most recently held the position of "corporate vice president" for the Windows Developer Platform. Gallo has just announced he is leaving that post and Microsoft after nearly 30 years. To that end, he writes:
The "banana software matures at the customer". Microsoft raised the Edge browser in the Stable Channel to version 110.0.1587.49 on February 16, 2023 (they are shipping bug fixes). On February 17, 2023, Edge was raised to version 110.0.1587.50 in the Stable Channel. According to the release notes, the maintenance update is for "Fixed various bugs and performance issues for Stable and Extended Stable release."
[German]Another addendum from this week regarding the manufacturer Citrix. Citrix has issued a security bulletin for the vulnerabilities CVE-2023-24484 and CVE-2023-24485 in the Citrix Workspace App for Windows. So administrators using the Workspace app should update. In addition, a blog reader alerted me about issues with installing the Citrix Workspace App 2302 for Windows. I'll summarize these two issues in one article.
[German]Windows 11 users reported an "update installation jam" on Microsoft Answers – tens of updates were listed, but could not be installed. Some received the installation error 0x80070103. This error seems to have been corrected by Microsoft on its update servers. In addition, Windows Server 2012 R2 users are receiving update installation error 0x800F0922. Here is an overview of these issues.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Microsoft upgraded the Edge browser in the stable channel to version 110.0.1587.49 on February 16, 2023 (thanks to Robert for pointing this out). Microsoft didn't reveal too much in the release notes for this maintenance update, just "Fixed various bugs and performance issues for Stable and Extended Stable release."
Google has released updates to Google Chrome Browser 110 in the Stable Channel for Windows (110.0.5481.104) as of February 16, 2023 (see this entry on the Google blog). There are no details about fixes. In the Extended Stable Channel, version 110.0.5481.104 is scheduled to be rolled out in the coming weeks. Thanks to Robert for the tip.
[German]On February 16, 2023 the websites of several German airports were down due to DDoS attacks by suspected Russian cyber attackers. And this week Wednesday, after all, there was a Lufthansa IT outage that was originally attributed to fiber optic cable damage. Now the Russian hacker group Killnet is claiming the Lufthansa IT outage was the result of a cyberattack, as Germany supports Ukraine against Russian aggression. Hence, some cyber conspiracy theories to end the week.
[German]After the installation of the February 14, 2023 security updates, I got some reports from administrators that Exchange Web Services (EWS) is causing issues. For example, the calendar update isn't working. Uninstalling the security update solved the problem. Microsoft has confirmed the issues and provided a workaround. Therefore, a brief overview of the facts – perhaps administrators from the readership can say something about it.
[German]Small addendum that Thomas B. already pointed out to me in Sept. 2022. It is about the possibility to access Exchange mailboxes with ActiveSync by means of the app delivered in Windows 10 and Windows 11.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
