[German]Those who use nginx on Windows as a web server, reverse proxy and email proxy may have a problem. Sombody just found out that nginx for Windows in various versions like 1.22.1 has a vulnerability that allows privilege elevation for normal users. The reason is that the used OpenSSL library is loaded from a path that can be manipulated.
[German]Note to administrators in corporate environments who manage Windows 11 clients and are upgrading to version 22H2. There is a change in the connection of network printers, the connections are now done with RPC over TCP, as Microsoft has disclosed in a post.
[German]Security researchers from SafeBreach recently came across a previously unknown PowerShell backdoor in Windows. This uses a malicious Word document to inject the PowerShell scripts. The backdoor can list Active Directory users and remote desktops, and is presumably intended to allow network propagation at a later date.
[German]Microsoft has updated the Edge browser in the stable channel to version 107.0.1418.26 as of October 29, 2022. This is a security update that fixes the CVE-2022-3723 vulnerability (Type Confusion in the V8 JavaScript engine). In addition, the Edge browser in the Extended Stable Channel has been updated to 106.0.1370.61 to fix the same vulnerability. Continue reading
[German]Nartac Softwarehas released version 3.3 of its small tool IIS Crypto on October 31, 2022. New additions include support for TLS 1.3 on Windows Server, but also support for new cipher suites.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]A small advance notice for users of OpenSSL – there seems to be a vulnerability in the implementation of this software. Now the team of OpenSLL developers has announced that they will release an update to version 3.0.7 on November 1, 2022. Now there is speculation that this will include the fix for an OpenSLL vulnerability and how critical it will be.
[German]The platform Instagram, which belongs to Meta (Facebook), seems to have technical problems. Users cannot log in or receive a message that their Instagram account is deactivated.
[German]Brief information to administrators in the enterprise environment who are running Windows Server 2022. It is now final, there will be support for Microsoft 365 apps until October 2026. This affects support for Microsoft 365 apps (Word, Excel, etc.) on Windows Server 2022. As recently as December 2021, Microsoft had emphasized that there would be no support for the MS 365 apps in question on the operating system. I had reported on the U turn from Microsoft.
[German]In enterprise environments, how can you ensure that (certain) security updates and quality updates are rolled out to and reach all devices as quickly as possible? Microsoft is working on "accelerated updates" for this purpose. The whole thing has now been released in a preview for enterprise customers using Intune.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
[