[German]In April 2025, an update was released to close the CVE-2025-26647 vulnerability in Kerberos authentication. A blog reader pointed out to me in mid-July 2025 that the registry value AllowNtAuthPolicyBypass had been introduced. However, he encountered problems related to the key.
[German]Fortinet FortiWeb administrators need to take action because there is a vulnerability warning. Users of the Directus website builder also need to take action due to a vulnerability. Here is an overview of various security vulnerabilities in products, as well as other cyber incidents. For example, tokens were stolen from Salesloft via an attack on a "Drift AI chat agent."
[German]Microsoft will end support for Microsoft Office 2016 and Microsoft Office 2019 as planned on October 14, 2025. After that, these versions of Office will no longer receive security updates. However, ACROS Security will continue to secure these two versions of Office beyond October 2025 through its 0patch agent.
[German]I received a reader report complaining about problems with Remote Desktop Server. Various customers are experiencing freezing issues with virtualized Windows Server instances. The strange thing is that this effect occurs at a specific time of day. It could be, or is likely to be, due to Trend Micro. After I posted the German edition of this blog post, I got several confirmations.
[German]Administrators of Citrix NetScaler ADC and NetScaler Gateway must respond as new critical vulnerabilities (CVE-2025-7775, CVE-2025-7776, CVE-2025-8424) have been discovered. Citrix writes that exploitation of a vulnerability via exploits has already been observed.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Microsoft released the optional cumulative (preview) update KB5063842 for Windows 10 22H2 on August 26, 2025. In addition, the preview update KB5064080 for Windows 11 22H2 – 23H2 has been released. These updates contain fixes that can be tested and will then be rolled out generally as fixes in the following month. A preview update for Windows 11 24H2 is not yet available.
Continue reading
[German]The security updates for Windows released on August 12, 2025, have caused some "collateral damage." Users of the Autodesk product AutoCAD are encountering a problem after installing the August 2025 updates on various Windows versions, whereby administrator rights are suddenly required. This also affects other software such as Firefox or SAP, and an MSI error 1730 may be reported. Below are some tips and explanations, as well as a possible workaround.
[German]Microsoft unveiled its "Cloud-Managed Remote Mailboxes" on August 20, 2025. This is an attempt to free companies that have moved all their mailboxes to Exchange Online in the cloud from the Microsoft Exchange servers they still operate on-premises. These Exchange servers are still running in order to manage recipient attributes, as this is not possible with Exchange Online, or only with considerable effort.
[German]Last week, I received a reader's tip about a problem involving Microsoft 365 Office apps and HP multifunction devices with scanning functionality. Since August 18, 2025, there have been increasing reports that scanning no longer works in this environment. HP has confirmed that changes made by Microsoft to MS 365 have broken the Scan2Mail, Scan2OneDrive, and Scan2Sharepoint functions. Continue reading
[German]Another failure in the field of AI agents. The developers of the Brave browser have revealed a vulnerability in the Perplexity Comet browser. Using prompt injection, it would be possible to retrieve sensitive information from the agent and instruct the agent to place fake orders on behalf of the user. This introduces a new phalanx of security risks, and AI providers have zero protective measures in place against it.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
