Update KB5012170 for Secure Boot DBX causes Bitlocker issues

Posted on 2022-08-17 by guenni

Windows[English]I'll pull out one issue separately, which I had already covered in the blog with a note. The update KB5012170 released by Microsoft on August 9, 2022 causes problems on some systems. Security update for the Secure Boot Module, which is supposed to prevent vulnerability exploitation, causes some users to have the Bitlocker key requested there at boot time. Others have installation errors, and the screen remains dark for some users.

Continue reading

Posted in issue, Update, Windows | Tagged , , | 4 Comments

Windows Server 2022 Preview Update KB5016693 (August 16, 2022)

Posted on 2022-08-17 by guenni

Windows[German]Microsoft has released an optional cumulative (preview) update KB5015879 for Windows Server 2022 as of August 16, 2022 (C-Week). Below I provide an overview regarding these updates for Windows Server 2022.

Continue reading

Posted in Update, Windows | Tagged , | Leave a comment

Chrome 104.0.5112.101/102 fixes 11 vulnerabilities

Posted on 2022-08-17 by guenni

Chrome[German]Google has released the update of Google Chrome 104.0.5112.101 for Linux and macOS and 104.0.5112.102 for Windows on the desktop in the stable channel on August 16, 2022. The security update closes numerous vulnerabilities.

Continue reading

Posted in browser, Security, Update | Tagged | Leave a comment

RDS issues after Windows update KB5015808

Posted on 2022-08-17 by guenni

Windows[German]I am posting an issue here on the blog that was reported recently to me by a blog reader. He is experiencing massive issues with his Server 2016 based RDS infrastructure after installing update KB5015808 (for Windows 10 version 1607 Enterprise LTSC and Windows Server 2016). So far there is not really anything to be found on the Internet.

Continue reading

Posted in issue, Update, Windows | Tagged , , , | 13 Comments

Windows Defender Credential Guard Update and Revisions (August 9, and 15, 2022)

Posted on 2022-08-16 by guenni

Update[German]Microsoft also patched Windows Defender Credential Guard on patchday, August 9, 2022, with the security updates. Both an elevation of privilege vulnerability and a security feature bypass vulnerability were closed. However, Microsoft had not provided any documentation on this.

Continue reading

Posted in Security, Update, Windows | Tagged , , | Leave a comment

Signal victim of Twilio hack

Posted on 2022-08-16 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]In the article Twilio data security incident findings after SMS phishing attack, I had reported on the security incident at provider Twilio, where data was stolen by hackers through a phishing attack. Twilio offers programmable voice, text, chat, video and email APIs, and cloud authentication service Authy is also part of it. Now it has been revealed that messenger service Signal is one of Twilio's customers and has also been affected.

Continue reading

Posted in Security | Tagged | Leave a comment

Windows: "Service host: Local system" runs with high CPU/disk load after boot since update

Posted on 2022-08-16 by guenni

Windows[German]German blog reader Willi B. contacted me by mail the days because he ran into a problem under Windows 8.1. Since one of the last updates he has the problem that the service "Service Host: Local System" runs with high load after boot since for some time. The problem repeats itself with the August 2022 update. The problem has been running through Windows for years.

Continue reading

Posted in issue, Update, Windows | Tagged , , | 1 Comment

Vulnerabilities in Xiaomi smartphones

Posted on 2022-08-15 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Chinese vendor Xiaomi ships smartphones with vulnerabilities: A themes app that tries to bypass Google's built-in Android security protection. In addition, security researchers have discovered a vulnerability in MediaTek chips that make the payment system integrated in Xiaomi smartphones vulnerable. Here's an overview of this two topics.

Continue reading

Posted in devices, Security | Tagged , , | Leave a comment

Twilio data security incident findings after SMS phishing attack

Posted on 2022-08-15 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Cloud communications company Twilio has recently fallen victim to a cyberattack, according to recent media reports (here and here). The attackers penetrated some of the company's customer databases after stealing employee credentials via an SMS phishing attack. The Lookout, Inc, research team took a closer look at this attack campaign and was able to determine some extremely important information thanks to the Lookout dataset.

Continue reading

Posted in Security | Tagged | Leave a comment

Car safety: Kia Challenge and Hyundai Key found on the web

Posted on 2022-08-15 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Software security in cars – a hot topic. On platforms such as TikTok, a trend known as the Kia Challenge or Kia Boys is celebrating a happy new era – the aim is to steal vehicles from Kia or Hyundai using a USB stick. And I came across the next sloppiness: A blogger searching the web found the private keys for software updates on Hyundai vehicles.

Continue reading

Posted in Security | Tagged | Leave a comment