[German]For Windows 7 and 8.1 Ssecurity updates were released for the last time. The Windows Server counterparts 2008 R2 and 2012/R2 also received security updates on patchday. Here is an overview of these updates for Windows 7/8.1 and the corresponding Windows Server versions 2008 R2 and 2012/R2.
[German]Microsoft has released security updates for Exchange Server 2013, Exchange Server 2016 and Exchange Server 2019 as of January 10, 2023. These security updates close two vulnerabilities (Elevation of Privilege and Spoofing) in this software. These updates should be installed on systems in a timely manner to close the vulnerabilities in question.
[German]On January 10, 2023 (second Tuesday of the month, Patchday at Microsoft), Microsoft also released cumulative updates for Windows 11 22H1 and 22H2. In addition, Windows Server 2022 received an update. Here are some details about these updates, which are supposed to fix vulnerabilities as well as issues.
Continue reading
[German]On January 10, 2023 (second Tuesday of the month, Patchday at Microsoft), several cumulative updates were released for the supported Windows 10 builds (from RTM version to current version) as well as for the Windows Server counterparts. Here are some details on the respective security updates for Windows 10.
[German]On January 10, 2023, Microsoft released security updates for Windows clients and servers, for Office, etc. – as well as for other products – released. The security updates eliminate 98 vulnerabilities, of which (11 are critical, one is a 0-day vulnerability. Below is a compact overview of these updates released on patchday.
Continue reading
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]On January 10, 2023, Windows 8.1 and the operating systems Windows 7 SP1 and Windows Server 2008 R2, which have been in the Extended Security Update Program (ESU) for three years, will receive security updates for the last time. Then support for these operating systems will end – at least a little bit – but it is not quite over yet. Windows Server 2012 R2 will still get security updates until October 2023, but the Edge browser will no longer be supported. The following is an overview of what you should know.
[German]It was a report the other day that BlueNoroff APT hackers are using new techniques to bypass Windows' "Mark of the Web" protections that prompted me to bring the topic up again on the blog. That's because MotW, as it's called for short, has come up more frequently in recent months – first because Microsoft wouldn't close a MotW vulnerability. And then it released a patch for a vulnerability after all.
The Saudi Arabian government infiltrated Wikipedia by recruiting the organization's highest ranked administrators in the country to serve as government agents to control information about the country and prosecuting those who contributed critical information about political detainees, said SMEX and Democracy for the Arab World Now (DAWN) today. Following an internal investigation in 2022, Wikimedia terminated all of its administrators in Saudi Arabia in December. DAWN and SMEX documented Wikimedia's infiltration by the Saudi government based on interviews with sources close to the company and the imprisoned administrators.
[German]A brief tip for administrators who are so slowly introducing Windows 11 into corporate environments. In the default settings of the operating system, the Winlogon credentials can be read out in plain text using a simple DLL. The new group policy "Enable MPR notifications" is now supposed to prevent this. The whole thing has finally been implemented (after 20 years) in Windows 11 22H2.
[German]Lenovo has pointed out a number of vulnerabilities in the BIOS of the ThinkPad X13s in a security announcement. These allow memory corruption and information disclosure. A BIOS update is available to close the vulnerabilities.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
