Windows: 0Patch Micropatch for MOTOW ZIP file bug (0-day, no CVE)

Posted on 2022-10-18 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Since May 2022, a bug has been known to exist in Windows that prevents the "Mark of the Web" flag from being set for files extracted from ZIP archives. Microsoft itself has not yet released a patch for this 0-day vulnerability. The vulnerability is already being exploited. Therefore, ACROS Security has addressed the problem and developed a 0Patch micropatch to close it. The patch is freely available, only the 0patch agent is needed.

Continue reading

Posted in Security, Windows | Tagged , , | Leave a comment

Out-of-band updates for Windows fixes SSL-/TLS connection issues (also with Citrix) – October 17, 2022

Posted on 2022-10-18 by guenni

Update[German]As of October 17, 2022, Microsoft has released an unscheduled update KB5020387 for Windows 11 21H2. This update fixes a connection problem that can occur with SSL and TLS connections. All Windows client and server versions that are still in support are probably affected by this problem. The update also fixes a connection issue with Citrix clients that I just reported on.

Continue reading

Posted in Update, Windows | Tagged , , | 6 Comments

Citrix connections broken after Windows update KB5018410 (October 2022) (TLS problem)

Posted on 2022-10-18 by guenni

Windows[German]Small addendum from last week. Since the October patchday (October 11, 2022), administrators of Citrix installations have noticed that connections no longer work for Citrix clients once Windows update KB5018410 has been installed. This update for Windows 10 version 20H2-21H2 is likely where the TLS 1.0/1.1 issue struck. Addendum: It seems that an out-of-band update from Microsoft has fixed this issue.

Continue reading

Posted in issue, Software, Update, Windows | Tagged , | 2 Comments

Microsoft layoffs (October 17, 2022)

Posted on 2022-10-18 by guenni

[German]On Monday, October 17, 2022, it was announced that Microsoft has announced layoffs in several areas. This is the next step after tech groups had already announced a hiring freeze due to the downturn in the economy. Now, jobs are specifically being cut.

Continue reading

Posted in General | Tagged | Leave a comment

WordPress 6.0.3 released

Posted on 2022-10-18 by guenni

I just received a message that a maintenance update to WordPress 6.0.3 has been released. This update closes some vulnerabilities, which are described here. Here the update has worked without any noticeable issues.

Posted in Security, Software | Tagged | 1 Comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Warning: Phishing Mail from "Microsoft" suggesting a password change

Posted on 2022-10-18 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Warning regarding a new phishing campaign that a blog reader alerted me to via email today (October 17, 2022). The mail apparently comes from Microsoft and claims that the password for the email account has been changed. If one had been, one need not respond. If you have not changed your password, your mailbox has been compromised and you need to react. And there was a hint that the password change was made from North Korea …

Continue reading

Posted in Security | Tagged , | Leave a comment

Windows 8.1 was released on October 17, 2013

Posted on 2022-10-17 by guenni

WindowsSmall reminder: Nine years ago, on October 17, 2013, the then "new" Windows 8.1 was released as a free upgrade to the hapless Windows 8 general. The release to manufacturing (RTM) date was August 27, 2013, and my ears were ringing with Microsoft's praise of how great it was. At the time, "touch operation" was all the rage – today, hardly anyone in Windows talks about this feature.

Continue reading

Posted in Windows | Tagged | Leave a comment

Windows Update KB5012170 (Secure Boot DBX) re-released for WSUS (Oct. 2022)

Posted on 2022-10-17 by guenni

Windows[German]Brief information for administrators in the Windows environment. A reader just informed me that Windows Update KB5012170 has been re-released in WSUS. This update was released on Patchday, August 9, 2022 to fix issues in Secure Boot DBX. However, this update caused significant issues with Bitlocker for some users, up to and including systems no longer booting.

Continue reading

Posted in Security, Update, Windows | Tagged , , , , | 2 Comments

Sysinternals released Zoomit 6.1

Posted on 2022-10-17 by guenni

[German]Brief note from Sysinternals tools – Mark Russinovich's team has released ZoomIt v6.1. ZoomIt is a screen zoom, annotation and recording tool for technical presentations that include application demonstrations.

Continue reading

Posted in Software, Update | Tagged | Leave a comment

Microsoft confirms: Windows fails to detect dangerous drivers – block lists not updated

Posted on 2022-10-17 by guenni

Windows[German]Windows 10/11 and its server pendants should block known, malicious drivers when they are loaded, so that they cannot cause any damage, as Microsoft has claimed for years. Now, Microsoft has secretly admitted that they made a mistake there. Because the updates that are responsible for defining a  driver blocking list in Windows were probably never reliably published or updated. However, administrators can update the block lists manually.

Continue reading

Posted in Security, Windows | Tagged , , , | Leave a comment