Ransomware at Continental: Infection via an employee's browser download

Posted on 2022-12-17 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]In August 2022, a ransomware attack on the automotive supplier Continental took place in which significant amounts of data were extradicted. The Lockbit ransomware gang was responsible, threatening to publish the siphoned data following the attack. But how did the attackers get initially into Continental's IT network? Usually, that remains a secret of the victims. At least it has now become known that the attack originated with an employee's browser download.

Continue reading

Posted in Security, Software | Tagged | Leave a comment

Windows 11 22H2: Fix for performance issues during copying files still not rolled out

Posted on 2022-12-16 by guenni

Windows[German]Users have reported a serious drop in speed when copying large files under Windows 11 22H2 – and individual Microsoft employees as well as Microsoft itself have also confirmed this (see also the blog post Windows 11 22H2: Microsoft fix for file copy performance issues is coming for details). The Insider Preview from November 28, 2022 already had a fix for some file copy issues. And this fix has now been rolled out with the security updates (Patchday: Windows 11/Server 2022-Updates (13. Dezember 2022)) on December 13, 2022. But as mentioned below, the kernel file copy bug is still unfixed, as the known issues section of the updates states.

Posted in General | 5 Comments

Firefox 108.0.1 released

Posted on 2022-12-16 by guenni

Mozilla[German]Mozilla's developers have released version 108.0.1 of the Firefox browser on December 16, 2022. It is a maintenance update, which is supposed to fix only one bug, according to the release notes. The update fixes resetting the default search engine when upgrading for profiles that were previously copied from another location. Firefox should update automatically, but can be checked for new versions via the Help menu and About Firefox. In addition, the browser can be downloaded from this website for various platforms (the variant is to be selected via the list boxes displayed). (via)

Posted in browser, Software, Update | Tagged | Leave a comment

Windows 11 22H2: Game performance upgrade blocker now removed

Posted on 2022-12-16 by guenni

WindowsMicrosoft had confirmed a game performance issue on Windows 11 version 22H2 as of November 10, 2022 (see Windows 11 22H2: Game performance issues confirmed by Microsoft). Stuttering or similar problems can occur in some games and applications. The cause is probably an unintentional activation of the GPU performance debugging features. The upgrade block set by Microsoft was first loosened, and has been removed on December 14, 2022 – as noted on the Microsoft Windows 11 22H2 healt status page.

Posted in Windows | Tagged | Leave a comment

Confirmed: Secure Boot DBX Update KB5012170 causes installation trouble (Error 0x800F0922)

Posted on 2022-12-16 by guenni

Windows[German]The Secure Boot DBX update KB5012170, which was first rolled out on August 9, 2022, still seems to cause trouble in December 2022. I had reported several times in the blog. Microsoft admitted in the follow-up to the patchday on Dec. 13, 2022, that this update can lead to the installation error 0x800F0922. Affected are all clients from Windows 10 and all servers from 2012. Below is a brief follow-up.

Continue reading

Posted in issue, Update, Windows | Tagged , , | 2 Comments

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Microsoft certificates misused to sign malware (Dec. 2022)

Posted on 2022-12-16 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Security researchers have come across cases where cybercriminals have managed to sign malware-infected Windows drivers using valid digital certificates from Microsoft. This allows the malware to trick the check for a digital signature under Windows. Several threat actors seem to be involved in the abuse of Microsoft's digital signature. However, Microsoft has released updates on patchday in December 2022 to detect the affected (driver) files and eliminate attacks.

Continue reading

Posted in Security, Windows | Tagged , , | Leave a comment

Windows Server 2019/2022: December 2022 security updates cause Hyper-V issues

Posted on 2022-12-15 by guenni

Windows[German]The security updates rolled out by Microsoft on the December 2022 patchday lead to problems with Hyper-V in certain constellations. New VMs can no longer be created, existing VM have problems with Ethernet connections, etc. Microsoft has admitted to these problems, although only Windows Server 2019 as well as Windows Server 2022 are said to be affected.

Continue reading

Posted in issue, Update, Virtualization, Windows | Tagged , , , , , | 2 Comments

.NET updates (Dec. 13, 2022) fixes vulnerability CVE-2022-41089, but causing issues

Posted on 2022-12-15 by guenni

Update[German]As of December 13, 2022 (Patchday), Microsoft has also released updates for .NET 7.0.1, .NET 6.0.12 and .NET Core 3.1.32. These are intended to address the CVE-2022-41089 vulnerability, which allows remote code execution. But because the update makes changes to the way WPF-based applications render XPS documents, there are problems with applications that use WPF. However, Microsoft has published a support article KB5022083 including two workarounds.

Continue reading

Posted in issue, Security, Software, Update | Tagged , , , | Leave a comment

Google Chrome Version 108.0.5359.124/.125

Posted on 2022-12-15 by guenni

Chrome[German]Google has released Google Chrome version 108.0.5359.124/125 in the stable channel for Mac, Linux and Windows on December 13, 2022. These updates close eight vulnerabilities, some of which are rated high, and probably fix bugs. Thanks to reader EP for pointing this out. In addition, the Chrome Android app has also received an update.
Continue reading

Posted in Android, browser, Security, Software, Update | Tagged , | 2 Comments

Patchday: Microsoft Office Updates (December 13, 2022)

Posted on 2022-12-15 by guenni

Update[German]On (November 8, 2022 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for still-supported Microsoft Office versions and other products. The updates are available for the installable MSI version of Microsoft Office (the click-to-run packages obtain the updates through other channels). Office 2019 does not appear in the list because it is distributed via click-to-run packages and receives security updates via the Office Update feature. Below is an overview of the available updates.

Continue reading

Posted in Office, Security, Update | Tagged , , , | Leave a comment