[German]There are serious vulnerabilities in older versions of the Samba software, which provides access from Linux to Windows file and print services. The developers have issued a security advisory as of December 15, 2022, and released corrected versions of Samba that eliminate these vulnerabilities.
[German]Microsoft has upgraded the Edge browser in the stable channel to version 108.0.1462.54 on December 16, 2022. The update includes the latest fixes from the Chromium team. Second item: there is probably an expansion of the free VPN data volume in Edge from 1 to 15 Gbyte. And last item: an Edge update on February 14, 2023 will shut down Internet Explorer on Windows 10.
Continue reading
[German]Anyone who is connected to the Internet leaves traces, especially when they make payments by credit card. Security researchers have now discovered an unsecured database that was freely accessible via the Internet. This database contained 9 million credit card transaction data. The database belongs to the California-based US company Cornerstone Payment Systems.
[German]In August 2022, a ransomware attack on the automotive supplier Continental took place in which significant amounts of data were extradicted. The Lockbit ransomware gang was responsible, threatening to publish the siphoned data following the attack. But how did the attackers get initially into Continental's IT network? Usually, that remains a secret of the victims. At least it has now become known that the attack originated with an employee's browser download.
[German]Users have reported a serious drop in speed when copying large files under Windows 11 22H2 – and individual Microsoft employees as well as Microsoft itself have also confirmed this (see also the blog post Windows 11 22H2: Microsoft fix for file copy performance issues is coming for details). The Insider Preview from November 28, 2022 already had a fix for some file copy issues. And this fix has now been rolled out with the security updates (Patchday: Windows 11/Server 2022-Updates (13. Dezember 2022)) on December 13, 2022. But as mentioned below, the kernel file copy bug is still unfixed, as the known issues section of the updates states.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Mozilla's developers have released version 108.0.1 of the Firefox browser on December 16, 2022. It is a maintenance update, which is supposed to fix only one bug, according to the release notes. The update fixes resetting the default search engine when upgrading for profiles that were previously copied from another location. Firefox should update automatically, but can be checked for new versions via the Help menu and About Firefox. In addition, the browser can be downloaded from this website for various platforms (the variant is to be selected via the list boxes displayed). (via)
Microsoft had confirmed a game performance issue on Windows 11 version 22H2 as of November 10, 2022 (see Windows 11 22H2: Game performance issues confirmed by Microsoft). Stuttering or similar problems can occur in some games and applications. The cause is probably an unintentional activation of the GPU performance debugging features. The upgrade block set by Microsoft was first loosened, and has been removed on December 14, 2022 – as noted on the Microsoft Windows 11 22H2 healt status page.
[German]The Secure Boot DBX update KB5012170, which was first rolled out on August 9, 2022, still seems to cause trouble in December 2022. I had reported several times in the blog. Microsoft admitted in the follow-up to the patchday on Dec. 13, 2022, that this update can lead to the installation error 0x800F0922. Affected are all clients from Windows 10 and all servers from 2012. Below is a brief follow-up.
[German]Security researchers have come across cases where cybercriminals have managed to sign malware-infected Windows drivers using valid digital certificates from Microsoft. This allows the malware to trick the check for a digital signature under Windows. Several threat actors seem to be involved in the abuse of Microsoft's digital signature. However, Microsoft has released updates on patchday in December 2022 to detect the affected (driver) files and eliminate attacks.
[German]The security updates rolled out by Microsoft on the December 2022 patchday lead to problems with Hyper-V in certain constellations. New VMs can no longer be created, existing VM have problems with Ethernet connections, etc. Microsoft has admitted to these problems, although only Windows Server 2019 as well as Windows Server 2022 are said to be affected.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
