[German]Security researchers from SafeBreach recently came across a previously unknown PowerShell backdoor in Windows. This uses a malicious Word document to inject the PowerShell scripts. The backdoor can list Active Directory users and remote desktops, and is presumably intended to allow network propagation at a later date.
[German]Microsoft has updated the Edge browser in the stable channel to version 107.0.1418.26 as of October 29, 2022. This is a security update that fixes the CVE-2022-3723 vulnerability (Type Confusion in the V8 JavaScript engine). In addition, the Edge browser in the Extended Stable Channel has been updated to 106.0.1370.61 to fix the same vulnerability. Continue reading
[German]Nartac Softwarehas released version 3.3 of its small tool IIS Crypto on October 31, 2022. New additions include support for TLS 1.3 on Windows Server, but also support for new cipher suites.
[German]A small advance notice for users of OpenSSL – there seems to be a vulnerability in the implementation of this software. Now the team of OpenSLL developers has announced that they will release an update to version 3.0.7 on November 1, 2022. Now there is speculation that this will include the fix for an OpenSLL vulnerability and how critical it will be.
[German]The platform Instagram, which belongs to Meta (Facebook), seems to have technical problems. Users cannot log in or receive a message that their Instagram account is deactivated.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Brief information to administrators in the enterprise environment who are running Windows Server 2022. It is now final, there will be support for Microsoft 365 apps until October 2026. This affects support for Microsoft 365 apps (Word, Excel, etc.) on Windows Server 2022. As recently as December 2021, Microsoft had emphasized that there would be no support for the MS 365 apps in question on the operating system. I had reported on the U turn from Microsoft.
[German]In enterprise environments, how can you ensure that (certain) security updates and quality updates are rolled out to and reach all devices as quickly as possible? Microsoft is working on "accelerated updates" for this purpose. The whole thing has now been released in a preview for enterprise customers using Intune.
[German]Since the political turmoil, government agencies and companies in Iran have found themselves in the focus of hackers who successfully break into IT systems. Web presences of TV stations are changed or the hackers penetrate IT systems and extract data. For example, Iran's Atomic Energy Agency had to admit that they were hacked (happened only after data became public). I also have a description of how hackers penetrate Iranian industrial facilities. Below is a brief overview.
[German]Microsoft has released update KB4023057 (Update for Windows Update service components) for machines with Windows 10/11 in an updated version in October 2022. The update is intended to improve the reliability of the Windows Update Service, in other words: to find any update problems on home users' Windows 10/11 systems that prevent them from upgrading.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
[