[German]In the last few days, I reported on various hacks at the ride service provider Uber, at Rockstar Games, and so on. A hacker with the alias Tea Pot claims to be only 18 years old and to have penetrated various IT systems for "fun". Subsequently, data was published. Now there are reports that the hacker belongs to the $Lapsus group – and an arrest of a 17 year old in the UK – in connection with hacking – has been reported.
[German]Microsoft has acknowledged compatibility issues with the drivers for Intel Smart Sound Technology on Windows 11 21H2 and 22H2. This can lead to BlueScreens and audio problems during operation. Microsoft has blocked the feature update to Windows 11 version 22H2 on affected systems.
[German]Mozilla developers have released versions 105.0.1 of the Firefox browser on September 23, 2022. It is maintenance update, which is supposed to fix bugs. Thanks to the reader for pointing it out.
[German]Small addendum: Apple has released iOS 16.0.2 for newer iPhone models on September 22, 2022. This is a maintenance update that is supposed to eliminate bugs and security gaps of the previous version. It also includes a fix for the camera problems of various iPhone 14 models. Thanks to Gerold for the tip.
[German]Since Microsoft released its cumulative (security) updates for Windows on September 13, 2022, copying or moving files via Group Policy (GPO) no longer works. I had addressed this here on the blog. Now a blog reader has provided me with some more hints as well as a PowerShell script to evaluate the paths that are affected. Therefore a supplement. Addendum: In addition, Microsoft has confirmed the problem.
Microsoft has just invited to an event "to see what's next" on October 12, 2022. Insiders expect that the manufacturer will introduce new Surface Tablet PCs at this event.
Advertising – Weak or compromised passwords are a known gateway for attackers. If you are able to identify which users in Active Directory (AD) are threatened by this, then PowerShell can help to remedy it. However, PowerShell scripts cannot eliminate basic AD deficits, other tools are needed for this.
[German]Small addendum from this week. Microsoft had released several preview updates for Windows 10, Windows 11 and Windows Server 2019/2022 as well as .NET Framework on September 20, 2022. However, it looks like Microsoft withdrew these updates from WSUS (and also in ConfigMgr) as Superseded shortly after they were released back on September 21, 2022. Addendum: Microsoft has now confirmed the issue.
Microsoft has released unscheduled update KB15498768 for Microsoft Endpoint Configuration Manager (current branch, versions 2103, 2107, 2111, 2203, 2207) as of September 20, 2022. This update is intended to fix the vulnerability CVE-2022-37972. Details can be found in the support article NTLM connection fallback update for Microsoft Endpoint Configuration Manager.
[German]There is a critical remote command execution vulnerability (CVE-2022-36804) in the version management for software development projects, Atlassian Bitbucket. Atlassian had already published a security advisory and a product update for the vulnerability, which was rated critical, at the end of August 2022. Now the discoverers seem to have released details about the vulnerability.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
