It seems that the developers have released an updated version of the free Sysinternals tools Sysmon, AccessEnum and Coreinfo on August 16, 2022.
Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Update KB5012170 for Secure Boot DBX causes Bitlocker issues
[English]I'll pull out one issue separately, which I had already covered in the blog with a note. The update KB5012170 released by Microsoft on August 9, 2022 causes problems on some systems. Security update for the Secure Boot Module, which is supposed to prevent vulnerability exploitation, causes some users to have the Bitlocker key requested there at boot time. Others have installation errors, and the screen remains dark for some users.
Windows Server 2022 Preview Update KB5016693 (August 16, 2022)
[German]Microsoft has released an optional cumulative (preview) update KB5015879 for Windows Server 2022 as of August 16, 2022 (C-Week). Below I provide an overview regarding these updates for Windows Server 2022.
Chrome 104.0.5112.101/102 fixes 11 vulnerabilities
[German]Google has released the update of Google Chrome 104.0.5112.101 for Linux and macOS and 104.0.5112.102 for Windows on the desktop in the stable channel on August 16, 2022. The security update closes numerous vulnerabilities.
RDS issues after Windows update KB5015808
[German]I am posting an issue here on the blog that was reported recently to me by a blog reader. He is experiencing massive issues with his Server 2016 based RDS infrastructure after installing update KB5015808 (for Windows 10 version 1607 Enterprise LTSC and Windows Server 2016). So far there is not really anything to be found on the Internet.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Windows Defender Credential Guard Update and Revisions (August 9, and 15, 2022)
[German]Microsoft also patched Windows Defender Credential Guard on patchday, August 9, 2022, with the security updates. Both an elevation of privilege vulnerability and a security feature bypass vulnerability were closed. However, Microsoft had not provided any documentation on this.
Signal victim of Twilio hack
[German]In the article Twilio data security incident findings after SMS phishing attack, I had reported on the security incident at provider Twilio, where data was stolen by hackers through a phishing attack. Twilio offers programmable voice, text, chat, video and email APIs, and cloud authentication service Authy is also part of it. Now it has been revealed that messenger service Signal is one of Twilio's customers and has also been affected.
Windows: "Service host: Local system" runs with high CPU/disk load after boot since update
[German]German blog reader Willi B. contacted me by mail the days because he ran into a problem under Windows 8.1. Since one of the last updates he has the problem that the service "Service Host: Local System" runs with high load after boot since for some time. The problem repeats itself with the August 2022 update. The problem has been running through Windows for years.
Vulnerabilities in Xiaomi smartphones
[German]Chinese vendor Xiaomi ships smartphones with vulnerabilities: A themes app that tries to bypass Google's built-in Android security protection. In addition, security researchers have discovered a vulnerability in MediaTek chips that make the payment system integrated in Xiaomi smartphones vulnerable. Here's an overview of this two topics.
Twilio data security incident findings after SMS phishing attack
[German]Cloud communications company Twilio has recently fallen victim to a cyberattack, according to recent media reports (here and here). The attackers penetrated some of the company's customer databases after stealing employee credentials via an SMS phishing attack. The Lookout, Inc, research team took a closer look at this attack campaign and was able to determine some extremely important information thanks to the Lookout dataset.