[German]VMware by Broadcom has published a security warning on July 15, 2025 regarding various vulnerabilities in VMware ESXi, Workstation, Fusion and VMware Tools, which urgently need to be patched with security updates. It is unclear how users without a Broadcom account can access the updates.
[German]It's a "bombshell" that ProPublica has just dropped. Microsoft is using engineers in China to maintain the US Department of Defense's cloud computer systems. There is only minimal monitoring by poorly qualified American personnel. Microsoft has so far ignored all warnings that this opens the door to cyber espionage or attacks.
[German]Microsoft has now announced deadlines from which the supply of security updates for Microsoft 365 apps under Windows 10 will end after October 14, 2025, but surprisingly even provides feature updates. There will be a staggered phase-out of these feature updates. The same also applies to Windows Server 2016/2019 if Microsoft 365 apps are running under Terminal Server. There are staggered dates for the rollout of Microsoft 365 version 2608 and thus for the release of the feature updates. Security updates will then be available until October 2025.
[German]The security updates for the July 2025 patchday lead to problems in virtual machines. Virtualized instances of Windows Server 2025 and Windows 11 24H2 may no longer start under Hyper-V or VMware ESXi. The same applies to Windows 11 24H or Windows Server 2025 on Azure VMs – where there is now an out-of-band update KB5064489.
Security researchers from Tenable have discovered a vulnerability called GerriScary in Google's open source code review system Gerrit. The vulnerability allowed malicious code to be injected into at least 18 central Google projects, including ChromiumOS (CVE-2025-1568), Chromium, Dart and Bazel. Attackers could have used GerriScary to manipulate existing change requests, bypass release mechanisms and inject malicious code into critical projects.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]The US branch of Belkin (provider of SmartHome accessories), has just announced that it will discontinue support for many of its Wemo SmartHome components as of January 31, 2026. From this date, various intelligent Wemo SmartHome components that rely on the cloud will no longer be controllable via the Wemo app.
[German]The UK has a problem with young cyber criminals. British police have arrested four people between the ages of 17 and 20, one of whom is a woman. Those arrested are suspected of carrying out the hack on the British retailers Co-Op, Marks & Spencer (M&S) and Harrods. The companies were unable to work for weeks following a ransomware attack.
[German]I'm posting a finding here in the blog that I came across on the web earlier this year. A user was plagued by a high CPU load under Windows, which was ostensibly caused by the Windows process WmiPrvSE.exe. At the end of the day, it turned out that the Dell Alienware Command Center was responsible for the problem.
[German]Brief information for administrators in corporate environments who use Windows Server Update Services (WSUS) to distribute updates. The service has been unable to synchronize with Microsoft endpoints since 9 July 2025. This problem should be fixed, Microsoft has fixed something on the server side.
[German]On July 8, 2025 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for Microsoft Office 2016, as well as the C2R variants (Office 2016-2021 and 365) and other products. This month, serious vulnerabilities in Office were closed. Below you will find an overview of the available updates.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
