Sharepoint Server 0-Day vulnerability: over 400 victims, Warlock ransomware infections

Posted on 2025-07-25 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]The extent of the observed wave of attacks on 0-day vulnerabilities in Microsoft SharePoint is slowly becoming apparent. Microsoft has now released emergency updates for SharePoint Server. However, it is now known that over 400 organizations have probably been compromised. And it is clear that attackers are also infecting SharePoint servers with ransomware. I will briefly summarize the new information in a follow-up article.

Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Vulnerabilities in around 750 printer models have been exploited since July 2025

Posted on 2025-07-25 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]In June 2025, it became known that there are vulnerabilities in the firmware of almost 700 printer models from Brother and other manufacturers. There are now reports that attackers are using these vulnerabilities to attack printers that have not been updated via firmware updates.

Continue reading

Posted in devices, Security, Update | Tagged , , | Leave a comment

Exchange 2016/2019 and Skype 2015/2019 get 6 months ESU updates

Posted on 2025-07-24 by guenni

Update[German]A short addendum that may be of interest to administrators of Microsoft Exchange Server 2016/2019 and Microsoft Skye for Business 2015 and 2019. These software versions were actually due to be removed from support on October 14, 2025. Anyone who has not yet switched to newer versions will receive security updates for a further six months via a fee-based ESU program.

Continue reading

Posted in Security, Software, Update | Tagged , , , | Leave a comment

OpenAI has introduced ChatGPT Agent; Sam Altman warns of risks

Posted on 2025-07-24 by guenni

Copilot[German]OpenAI released its "ChatGPT agent" on July 17, 2025. In a longer post on X, OpenAI boss Sam Altman takes this up. At the same time, Altman warns of potentially major risks when using this ChatGPT agent. Everything is still experimental.

Continue reading

Posted in Security, Software | Tagged , , | Leave a comment

Windows 10/11: Preview Updates July 22, 2025

Posted on 2025-07-23 by guenni

Windows[German]Microsoft has released the optional cumulative (preview) update KB5062649 for Windows 10 22H2 on July 22, 2025. In addition, the preview updates KB506266 for Windows 11 24H2 and KB5062663 for Windows 11 22H2 – 23H2 were published. These updates contain corrections that can be tested and will then be rolled out generally as fixes in the following month.
Continue reading

Posted in Update, Windows | Tagged , , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Patches for Sharepoint Server 2016; China behind attacks, approx. 400 organizations compromised

Posted on 2025-07-22 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]An addendum to the 0-day vulnerability in Microsoft SharePoint and the observed wave of attacks. Microsoft has also released an emergency update for SharePoint Server 2016. In the meantime, there are reports that some of the attacks came from China via a 0-day exploit. And over 400 organizations have probably been compromised, with the USA and Germany being the most affected. In the meantime, Microsoft has also published a more detailed blog post. Here is a review with a summary.

Continue reading

Posted in Security, Software, Update | Tagged , , | Leave a comment

Is Windows 11 update offered despite deactivated TPM?

Posted on 2025-07-22 by guenni

Windows[German]Since Windows 10 22H2 will no longer be supported as of October 14, 2025, we can expect more Windows 11 upgrade campaigns from Microsoft. I would therefore like to ask the readership whether anyone else has noticed that these upgrade offers are also being made for non-compatible hardware, e.g. missing TPM?

Continue reading

Posted in Update, Windows | Tagged , , | Leave a comment

Sharepoint servers are attacked via 0-day vulnerability (CVE-2025-53770)

Posted on 2025-07-20 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Does anyone in the readership operate a SharePoint server that is accessible via the Internet? If so, the house may be on fire. Since yesterday, I have been receiving information that SharePoint servers have been attacked via 0-day exploits since July 18, 2025. This blog post will be updated – we have now the first patches.

Continue reading

Posted in Security, Software | Tagged , , | Leave a comment

Microsoft says it's ending U.S. Defense Department cloud maintenance by Chinese software engineers

Posted on 2025-07-20 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]That was kind of quick reaction after Microsoft was caught as a kind of  "with its finger in the honey pot", so to speak. A week after ProPublica's report, that Microsoft uses software engineers in China to maintain it's federal cloud, they draw back. Microsoft says it is no longer using engineers in China to maintain the US Department of Defense's (DoD) cloud systems.

Continue reading

Posted in Cloud, Security | Tagged , | Leave a comment

CrushFTP with 0-day vulnerability CVE-2025-54309

Posted on 2025-07-19 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Anyone from the my blog readers who uses the CrushFTP program for file transfer? In the meantime, several readers have reported (thanks for that) that there are reports of a 0-day vulnerability (CVE-2025-54309) in CrushFTP server, which is probably already being exploited.
Continue reading

Posted in Security, Software | Tagged , | Leave a comment