[German]On September 13, 2022 (second Tuesday of the month, Patchday at Microsoft), several cumulative updates were released for the supported Windows 10 builds (from RTM version to current version) as well as for the Windows Server counterparts. Here are some details on the respective security updates.
[German]On September 13, 2022, Microsoft released security updates for Windows clients and servers, for Office, etc. – as well as for other products – were released. The security updates also eliminate 63 vulnerabilities, 5 of which are critical and one 0-day vulnerability. Below is a compact overview of these updates released on patchday.
[German]US vendor Cisco was, after all, the victim of a ransomware attack by the Yanluowang group, which was also made public. Now, the group has started to publish data of the company that was captured during this attack. Cisco has since issued a statement on this new release. So far, there are no findings that very sensitive data impacting the company's business was captured or published.
[German]There are six serious vulnerabilities in the firmware of HP systems for the business sector (notebooks, desktops, etc.) that have not been fixed by updates for a year. There are still no firmware updates for some HP enterprise systems, although they have been publicly known for a month. That's according to the security team at Binarly, which discussed some of these vulnerabilities in HP EliteBooks at the Black Hat 2022 conference.
[German]Security update KB5015808, released in July 2022, causes RDP issues on Windows Server 1609. Here in the blog I had reported about the problems in the RDS infrastructure – while Microsoft is silent about it so far. But unofficially, there seems to be a fix that rolls back the affected part of the patch via Known Issues Rollback (KIR). Below I document this issue – maybe it will help those affected.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]The SharkBot banking Trojan has reappeared in the Google Play Store, disguised as an antivirus and cleaner app. Security researchers from CyberNews write: Android users should think twice before downloading free apps to clean their phones and "protect" them from viruses – because many of them contain data trackers and some even appear to include links to potentially malicious domains.
[German]The state sponsored Lazarus hacking group, based in North Korea, has repeatedly attracted attention for ransomware attacks and espionage. Now Cisco Talos has uncovered an attack campaign that targeted utility companies in North America. In addition, US law enforcement has managed to seize $30 million in cryptocurrency from an attack on Axie, where hackers had captured $600 million.
[German]Brief note for administrators who use Microsoft Endpoint Manager to manage mobile devices. Microsoft has just announced that iOS/iPadOS 15 devices that are logged in with a user registry cannot be successfully updated to iOS 16.
[German]Some Windows users (from Windows 7 up to Windows 11, and also Windows Server pendants) facing the situation, that no longer receive automatic updates. When they investigate the problem, they get the update error 0x80072F8F. In the blog post I try to collect some hints, what may causes this behavior. The post is a translation from my German blog post, dated from June 2014 – but it's still valid.
Brief note for administrators using Mirantis Container Runtime (formerly Docker EE) on Windows: Microsoft has discontinued support because it is transitioning to Mirantis Inc. As a result, the corresponding containers will soon be removed from Microsoft's download.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
