[German]It's a bizarre story that Microsoft developer Raymond Chen recently made public: Notebooks with Windows XP crashed when the pop song Rhythm Nation by Janet Jackson from 1989 was played. The background was that the hard disks used resonated and caused the crashes due to read/write errors. There is now even a CVE number CVE-2022-38392 for this issue.
[German]Security researchers Michael Horowitz warns iOS users, that VPNs on this platform is broken. It looks, that it works fine. But the iOS device gets a new public IP address and new DNS servers. A detailed inspection of data leaving the iOS device by Horowitz shows that the VPN tunnel leaks. This became firstly know by ProtonVPN, according to Horowitz, in March 2020 and iOS v13 (I found this reddit.com post from 2018, claiming a similar behavior).
The developers of LibreOffice have released version 7.4 of this office package this week. Numerous innovations and improvements have been made to the individual Office modules, which can be read in the release notes. The package can be downloaded free of charge from this LibreOffice website. (via)
[German]Anyone who operates a website may occasionally be confronted with the problem that it is reported as "malicious" by security portals or by users. Then the question arises how to proceed to find out if this is a false alarm or if the website has been compromised. Recently, I was asked to look at such a site that was reported as "malicious" by security tools. Afterwards I thought about documenting the steps I undertook – maybe it will help one or the other.
[German]Note for administrators of HPE Proliant servers running HPE's Integrated Lights-out versions. HPE has already published a security bulleting for HPE Integrated Lights-Out 5 (iLO 5) at the end of July 2022, which pointed out several critical vulnerabilities. There is an update available for iLO 5.0, which should be installed promptly (but presumably the information has long since reached you).
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
It seems that the developers have released an updated version of the free Sysinternals tools Sysmon, AccessEnum and Coreinfo on August 16, 2022.
[English]I'll pull out one issue separately, which I had already covered in the blog with a note. The update KB5012170 released by Microsoft on August 9, 2022 causes problems on some systems. Security update for the Secure Boot Module, which is supposed to prevent vulnerability exploitation, causes some users to have the Bitlocker key requested there at boot time. Others have installation errors, and the screen remains dark for some users.
[German]Microsoft has released an optional cumulative (preview) update KB5015879 for Windows Server 2022 as of August 16, 2022 (C-Week). Below I provide an overview regarding these updates for Windows Server 2022.
[German]Google has released the update of Google Chrome 104.0.5112.101 for Linux and macOS and 104.0.5112.102 for Windows on the desktop in the stable channel on August 16, 2022. The security update closes numerous vulnerabilities.
[German]I am posting an issue here on the blog that was reported recently to me by a blog reader. He is experiencing massive issues with his Server 2016 based RDS infrastructure after installing update KB5015808 (for Windows 10 version 1607 Enterprise LTSC and Windows Server 2016). So far there is not really anything to be found on the Internet.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
