[German]Microsoft has released security updates for Windows 7 and 8.1 as well as for the Windows Server counterparts 2008 R2 and 2012/R2 on Patchday. Here is an overview of these updates for Windows 7/8.1 and the corresponding Windows Server versions 2008 R2 and 2012/R2.
[German]On December 13 (second Tuesday of the month, Microsoft patch day), Microsoft also released cumulative updates for Windows 11 22H1 and 22H2. In addition, Windows Server 2022 received an update. Here are some details about these updates, which are supposed to fix vulnerabilities as well as issues.
Continue reading
[German]On December 13, 2022 (second Tuesday of the month, Patchday at Microsoft), several cumulative updates were released for the supported Windows 10 builds (from RTM version to current version) as well as for the Windows Server counterparts. Here are some details on the respective security updates for Windows 10.
[German]On December 13, 2022, Microsoft released security updates for Windows clients and servers, for Office, etc. – as well as for other products – released. The security updates fix 49 vulnerabilities, 6 of which are classified as critical, and two 0-day vulnerabilities, one of which is already being exploited. Below is a compact overview of these updates released on patchday.
[German]The developers of Thunderbird have released another update of the email client to version 102.6.0 on December 13, 2022 (thanks to the reader for pointing this out). It's a bug-fix update that should fix some issues.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]The Mozilla developers have released the versions 108.0 and 102.6.0 ESR of the Firefox browser on December 13, 2022. The ESR versions are maintenance updates that are supposed to fix bugs. Firefox 108 is a new development branch. In both updates, vulnerabilities are fixed. Thanks to the reader for the tip.
Continue reading
[German]Citrix has informed about a critical vulnerability CVE-2022-27518 in its products Citrix ADC and Citrix Gateway. This affects versions: 12.1 (including FIPS and NDcPP) and 13.0 before 13.0-58.32 of Citrix ADC and Citrix Gateway. However, both products are only affected if they are running with a SAML SP or IdP configuration. Citrix has released updates to close the vulnerability.
[German]FortiGuard Labs reported a critical vulnerability CVE-2022-42475 in FortiOS on December 12, 2022, which arguably allows remote code execution over SSL VPN. The bad thing is that this vulnerability is already being exploited in the wild. The vendor has since released FortiOS security updates for the affected versions.
[German]Quick survey or note to administrators who use Sophos security solutions (ATP). Currently it looks like the Sophos security products are misclassifying the Cloudflare IP address 188.114.97.3 as ATP C2/Generic-A. After a blog reader informed me via a private Facebook message, some information on what I've found out so far.
[German]cecurity tools such as virus scanners claim to protect systems from threats. But malfunctions or vulnerabilities can unintentionally expose systems to particular risks. A security researcher recently demonstrated in a proof-of-concept (POC) that anti-malware solutions can be tricked into selectively deleting files on a system. The researcher called this approach "aikido" – derived from the Japanese martial art of using an opponent's attack against the opponent himself.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
