[German]It was a report the other day that BlueNoroff APT hackers are using new techniques to bypass Windows' "Mark of the Web" protections that prompted me to bring the topic up again on the blog. That's because MotW, as it's called for short, has come up more frequently in recent months – first because Microsoft wouldn't close a MotW vulnerability. And then it released a patch for a vulnerability after all.
The Saudi Arabian government infiltrated Wikipedia by recruiting the organization's highest ranked administrators in the country to serve as government agents to control information about the country and prosecuting those who contributed critical information about political detainees, said SMEX and Democracy for the Arab World Now (DAWN) today. Following an internal investigation in 2022, Wikimedia terminated all of its administrators in Saudi Arabia in December. DAWN and SMEX documented Wikimedia's infiltration by the Saudi government based on interviews with sources close to the company and the imprisoned administrators.
[German]A brief tip for administrators who are so slowly introducing Windows 11 into corporate environments. In the default settings of the operating system, the Winlogon credentials can be read out in plain text using a simple DLL. The new group policy "Enable MPR notifications" is now supposed to prevent this. The whole thing has finally been implemented (after 20 years) in Windows 11 22H2.
[German]Lenovo has pointed out a number of vulnerabilities in the BIOS of the ThinkPad X13s in a security announcement. These allow memory corruption and information disclosure. A BIOS update is available to close the vulnerabilities.
[German]On January 10, 2023, Windows 7 SP1 and Windows Server 2008/R2 will receive security updates for the last time and will drop out of support. With this, Microsoft will also discontinue support for Edge on Windows 7 SP1, Windows Server 2008/R2 and Windows Server 2012/R2. ACROS Security has announced it will secure the Microsoft Edge browser for at least two years, until January 2025, after the browser is no longer supported by Microsoft on these platforms.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Since the release of the November 2022 updates, issues can occur when accessing SQL databases. This has already been admitted by Microsoft. Here on the blog, readers had suggested a workaround in the form of an ODBC driver replacement. Now Microsoft has officially released a workaround for solving the ODBC access problems to SQL databases. Continue reading
[German]Unusual experience reported to me by a blog reader. He suddenly found himself facing the problem of not being able to write back a backup he had made on his Acer Swift 3 with an 11th generation Intel Core i5. According to the reader, the problem never occurred with the predecessors of this processor. But with some tricks the reader managed to read back the backup. I then did some quick research, it is related to Intel's VDM, which can be used with 11th generation Core i5 CPUs and prevents detection of NVMe SSD IDE devices.
[German]Victims of the MegaCortex ransomware family can now hope to recover their encrypted files. This is because a universal decryptor co-developed by Bitdefender is now available for files encrypted by the MegaCortex ransomware family. With this free tool, victims can make encrypted data from all MegaCortex versions available again. The decryptor is a joint development of Bitdefender, Europol, the NoMoreRansom project, and the public prosecutor's office and cantonal police in Zurich.
Just a short note: It seems that Microsoft has fixed an issue, that prevents Thunderbird mail client to connect successful with Exchange Online using IMAP and oAuth2 (see my addendum at Thunderbird can't connect via IMAP an oAuth with Exchange Online (outlook.office365.com)).
[German]The Mozilla developers have released version 108.0.3 of the Firefox browser on January 5, 2022. It is a maintenance update that is supposed to fix two bugs and also brings a small change under macOS. In addition, at this point a note: Starting with Fixefox 110 (until Firefox 120), Mozilla will freeze the user agent of the browser to avoid confusion with Internet Explorer 11.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
