0patch fixes all known and exploitable Windows NTLM/Kerberos vulnerabilities

In recent months, a number of vulnerabilities and attack mechanisms have become known that could be used to siphon off credentials (NTLM/Kerberos). Not all of these vulnerabilities are easily exploitable, and not everything has been fully patched by Microsoft. ACROS Security has now decided to close all known and exploitable Windows NTLM/Kerberos vulnerabilities by means of micropatches. ACROS Security has also completed the micropatch for the DFSCoerce forced authentication issue.

Posted in Security, Windows

Microsoft Edge 103.0.1264.44 fixes CVE-2022-33680 (June 30, 2022)

Microsoft has updated the Edge browser in the stable channel to version 103.0.1264.44 as of June 30, 2022. It is a maintenance update that fixes the Elevation of Privilege vulnerability CVE-2022-33680, which is rated as critical. This build also fixes group policy issues that some administrators are facing. But I got reports about a download bug.

Posted in browser, Security, Software, Update

Unauthorized RCE CVE-2022-28219 in Zoho ManageEngine ADAudit Plus

Security researcher Naveen Sunkavally of Horizon3.ai recently discovered the vulnerability CVE-2022-28219. It allows remote code execution without further authentication by the attacker and affects Zoho ManageEngine ADAudit Plus, a compliance tool used by enterprises to monitor changes to Active Directory. The vulnerability involves several issues: untrusted Java deserialization, path traversal and a blind XML External Entities (XXE) injection. The vulnerabilities have since been fixed.

Posted in Security, Software, Windows

Kaspersky finds SessionManager backdoor left by malware in IIS/Exchange servers worldwide

Security vendor Kaspersky has come across a little-known backdoor, undetected by antivirus solutions, that malware leaves behind on Microsoft Exchange servers as an IIS module. There are infections of the so-called SessionManager backdoor in Exchange systems worldwide. The SessionManager backdoor enables a wide range of malicious activities, from collecting emails to taking complete control over the victim's infrastructure. The newly discovered backdoor was first deployed in late March 2021 and has hit government and non-government organizations in Africa, South Asia, Europe and the Middle East. Most of the organizations attacked remain compromised to this day.

Posted in Security

Azure: Container Escape Vulnerability (CVE-2022-30137) in Microsoft's Service Fabric Closed

Security researchers from Palo Alto Networks have found a container escape vulnerability in Microsoft's Service Fabric, which is commonly used with Azure, and named it FabricScape. Palo Alto Networks has partnered with Microsoft to address this vulnerability.

Posted in Security



Building materials manufacturer Knauf affected by cyber attack worldwide (June 29, 2022)

The manufacturer Knauf (gypsum, plaster, building materials) fell victim to a cyber attack on June 29, 2022. The company's IT systems are affected worldwide and had to be shut down. Unfortunately, few details are known so far. The company hopes to have isolated the incident after its security systems triggered, but is still engaged in analysis. Addendum: The Black Basta gang claims responsibility and has leaked data.

Posted in Security

Edge Stable 103.0.1264.37 breaks group policies (Chrome bug)

I'm going to pull out an issue that may be of concern to administrators among my blog readers. Since the release of Microsoft Edge Stable 103.0.1264.37, I got reports that group policies no longer work. This night I came across more reports at Microsoft. So I'll briefly summarize the state of affairs here for your information. A fix is in the works (at the Chromium and Edge developer teams).

Posted in browser, issue, Software, Windows

Thunderbird 102.0 and 91.11.0

In addition to the Firefox developers, who have provided updates to the Firefox browser (see Firefox 102.0 and ESR, as well as 91.11esr released), new versions of the Thunderbird email client were also released on June 28, 2022. At the same time, security vulnerabilities were closed, also in version 91.11.0. Thanks to the reader for the tip.

Posted in Security, Software, Update

Microsoft Exchange Server: Remote Code Execution vulnerability CVE-2022-23277 exploitable despite patch?

Are Microsoft Exchange servers on the current patch level still vulnerable via the remote code execution vulnerability CVE-2022-23277? Some fragments of information have just come to my attention that at least raise questions. In any case, the disclosure of the details that led to the vulnerability is interesting. I'll try to summarize the information as best as I can.

Posted in Security, Software

Firefox 102.0 and esr, as well as 91.11esr released

Mozilla's developers released versions 102.0 (also as an ESR version) and 91.11esr of the Firefox browser on June 28, 2022. Firefox 102 is a new development branch, while 91.11esr is a maintenance update that fixes critical vulnerabilities.

Posted in browser, Security, Software, Update