[German]Macros in Office are a gateway for malware like Dridex, Emotet, Trickbot, Qbot, etc. Microsoft had plans to disable macros in Office 365 by default. Now this idea seems to have been scrapped again, macros will not be blocked by default in Office in the future either. At least, that's what Microsoft's told us recently within a few sentences.
[German]Microsoft has released version 0.6 of its free PowerToys for Windows 10 and Windows 11 on July 7, 2022. I haven't reported about these tools and the weekly water levels here on the blog for a while, especially since the software often came along with bugs and then caused problems. With version 0.6, Clint Rutkas, the developer of the tools, promises quantities of bug fixes and some new features.
[German]Users of Windows 11 (22H2) as well as Windows Server 2022 should pay attention if they run a RAID system and use the Adaptec ASR-71605 RAID controller for it. A blog reader pointed out to me a nasty bug in the driver in question from Microsoft that seems not to have been fixed yet. Here is some information about it.
[German]The ransomware group ALPHV (also known as Blackcat) seems to be breaking new ground in extortion techniques. In the past, victims have already been threatened with the publication of captured data in order to get them to pay a ransom. Now, the ALPHV ransomware group seems to have set up a searchable database where victims' data can be searched. This poses the risk of data from these documents being misused for further abuse (supply chain attacks, identity theft, phishing).
[German]Microsoft has updated the Edge browser in the stable channel to version 103.0.1264.49 as of July 6, 2022. It is a maintenance update that fixes the CVE-2022-2294 vulnerability. The download bug hasn't been fixed.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Cisco has published extensive security warnings for various products as of July 6, 2022. Of a total of new CVEs, one in Cisco Expressway and Telepresence Vdieo communication servers is rated critical, one vulnerability in Smart Software Manager is rated high, and the remaining vulnerabilities are rated medium.
[German]In addition to Firefox developers providing updates to the Firefox browser, a new version of the Thunderbird email client has also been released as of July 5, 2022. Thanks to the reader for pointing this out.
[German]Mozilla developers have released versions 102.0.1 of the Firefox browser on July 6, 2022. This is a maintenance update that is supposed to fix bugs.
[German]Today another finding from the internet about Windows 10 (11) troubleshooting, where the error was caused by an app. Suddenly the Windows Start menu stopped working, OneDrive reported an error, and Outlook was also causing problems. At the end of the day Rudy Ooms found the culprit, it was the app ClickShare from Barco. I found it quite interesting how Ooms investigated and documented the whole thing and am posting the short version here on the blog for your information.
[German]A vulnerability CVE-2022-2274 exists in OpenSSL that could lead to heap memory corruption with RSA private key operations. It affects OpenSSL 3.0.4 and the vulnerability is rated High in severity. A second vulnerability CVE-2022-2097 causes AES OCB to fail to encrypt some bytes. This vulnerability is rated Moderate.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
