Exchange Server: New 0-day (not NotProxyShell, CVE-2022-41040, CVE-2022-41082)

Posted on 2022-10-11 by guenni

Exchange Logo[German]We're likely to get security updates for on-premises Exchange Server (2016-2019) in a few hours that will hopefully close the two 0-day vulnerabilities (CVE-2022-41040, CVE-2022-41082) known since late September 2022. But there is likely another 0-day vulnerability in Exchange Server that is being actively exploited in the wild to infect installations with the LockBit 3.0 ransomware. Here is some information on what I am aware of.

Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Adobe Acrobat (Reader) DC 2022.003.20258; Installer Error 2251.Database: Transform

Posted on 2022-10-11 by guenni

[German]Adobe has released its (planned) update of Adobe Acrobat (Reader) DC to version 2022.003.20258 (Windows) and (Mac) on October 11, 2022. This update includes some new features and fixes some bugs. However, the installation ends with the error "2251.Database: Transform" for some users.

Continue reading

Posted in Software, Update | Tagged , | 9 Comments

Windows 10: Beware of a possible TLS disaster on October 2022 patchday

Posted on 2022-10-11 by guenni

Windows[German]Today, October 11, 2022 is Microsoft's patchday, and Windows 10 will also receive its monthly security update. As a precaution, I draw your attention to an issue that could possibly cause trouble in a few hours under Windows 10 20H2 to 21H2: Microsoft is expected to disable TLS 1.0 and 1.1 with the security update for these Windows 10 versions. On the other hand, it looks like the TLS 1.3 implementation is causing problems on Windows 10. So, there could be problems with remote desktop applications and all applications that rely on TLS 1.0/1.1.

Continue reading

Posted in issue, Update, Windows | Tagged , , | 4 Comments

Exchange Server: Microsofts improves solutions for 0-day mitigation again (October 8, 2022)

Posted on 2022-10-11 by guenni

Exchange Logo[German]One more addendum regarding On-Premises Exchange Server (2016-2019) and the two 0-Day vulnerabilities (CVE-2022-41040, CVE-2022-41082) known since the end of September 2022. As of the weekend (October 8, 2022), Microsoft had again tweaked its articles to mitigate these vulnerabilities. In addition, a blog reader came forward to point out errors in the fixed PowerShell script. I'm just getting around to writing an addendum on the state of affairs today. With any luck, there will be a patch in a few hours.

Continue reading

Posted in Security, Software | Tagged , | Leave a comment

VirtualBox 7.0.0 with Secure Boot and virtual TPM support

Posted on 2022-10-11 by guenni

Virtualbox[German]Oracle's developers have released the new Virtualbox version 7.0.0 on October 10, 2022. Secure Boot has been implemented in the EFI in this version. In addition, this version can emulate virtual TPM 1.2 and 2.0, which comes into play for Windows 11.

Continue reading

Posted in Software, Virtualization | Tagged | Leave a comment

iOS 16.0.3 released

Posted on 2022-10-11 by guenni

[German]Apple has released iOS 16.0.3 for newer iPhone models on October 10, 2022. It is a security update that is supposed to fix the CVE-2022-22658 vulnerability in Mail.  Thanks to Gerold for the tipContinue reading

Posted in ios | Tagged | Leave a comment

Windows 11 22H2: Microsoft confirms performance issues when copying files

Posted on 2022-10-10 by guenni

Windows[German]Copying large files under Windows 11 22H2 can lead to a serious drop in speed. What was already known from user circles and described by individual Microsoft employees has now been officially confirmed by Microsoft. So far, there are only workarounds that Microsoft suggests to work around the problem. Below is an overview of where the problem occurs and what the user can do about it.

Continue reading

Posted in issue, Update, Windows | Tagged , , | 3 Comments

Edge 106.0.1370.37 with bug fixes; failed start issue not fixed

Posted on 2022-10-10 by guenni

Edge[German]Short addendum: Microsoft has updated the Edge browser in the stable channel to version 106.0.1370.37 on October 6, 2022. Is a bug fix update that is supposed to fix bugs in the Edge 106.0.1370.34 released on October 3, 2022. But I got reports, that the Edge start problem, observed in Edge 106.0.1370.34, is still present – there is a workaround known. Here is a brief overview of the current version and Edge 106.0.1370.34.

Continue reading

Posted in browser, issue, Update | Tagged , , | 2 Comments

Bug: Outlook no longer connects to the mail server (October 2022)

Posted on 2022-10-10 by guenni

[German]Microsoft confirms another error in Outlook in Microsoft 365 in a support post. It may be that Microsoft Outlook can no longer connect to the email server. The IMAP or POP server has disconnected unexpectedly and the connection to the server has been lost. Error code 0x800CCC0F is reported.

Continue reading

Posted in issue, Office | Tagged , | 7 Comments

US President Biden signs Executive Order for "Privacy Shield 2.0" data protection agreement

Posted on 2022-10-09 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]On October 7, 2022, U.S. President Joe Biden launched the new data protection agreement with the European Union, referred to here as "Privacy Shield 2.0," by means of an Executive Order (E.O.). This is intended to clear the legal way for data exchange between the EU and US providers. The data protection organization noyb around Max Schrems expects that this new agreement will also fail before the European Court of Justice (ECJ).

Continue reading

Posted in Security | Tagged , | Leave a comment