[German]VMware has released two security updates for ESXi 7.0 and for ESXi 6.7 as of June 14, 2022. Blog reader Singlethreaded pointed out these security updates in a comment. In addition to ESXi, vCenterServer & Application running VMware 6.7 are also affected.
[German]A critical vulnerability CVE-2022-20825 exists in the RV110W, RV130, RV130W and RV215W small business routers, which has been assigned a CVE score of 9.8. Due to a lack of authentication, the vulnerability allows for remote command execution as well as denial of service attacks. The problem: The devices have fallen out of support for Cisco and no longer receive any security updates.
[German]According to a report from the Russian news agency TASS, users in Russia no longer seem to be able to download IS0 files of Windows 10 and Windows 11 from Microsoft servers. The download only works with a VPN connection. It is currently unclear whether this is a technical problem or whether Microsoft (or a third party) has deliberately blocked these downloads and removed them from the download servers accessible from Russia.
[German]The release of Microsoft Edge 102.0.1245.30 causes startup problems for some users, which are not fixed even in the successor versions, according to my knowledge. A blog reader has probably found the cause – it may be due to the "Hardware enforced stack protection" option, which causes problems on systems with AMD CPU. However, I also have reports that Intel machines are affected.
[German]It is quite explosive: Bytedance, the Chinese owner of the video platform TikTok, has always claimed that data from US users is not transferred to China. Ex-US President Trump had forced Bytedance to keep the TikTok data on US servers. Leaked audio files of 80 internal TikTok meetings now show that US user data was repeatedly accessed from China. So the concerns of the U.S. security authorities were probably not without merit.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]You occasionally hear "we are migrating to the cloud, to Microsoft Azure, Office 365, etc., Microsoft will make sure that patching is done and vulnerabilities are closed promptly". But cloud users are, for better or worse, dependent on Microsoft's goodwill and capabilities. And in terms of timely patching of vulnerabilities, things sometimes look bleak, as a recent case on the Synapse Pwnalytics vulnerability shows, which I'll rehash here.
[German]I just got a user information on my desk that there are problems with the user login in Microsoft Outlook "since the last update" (probably from June 2022). Problem seems to be that the program can no longer distinguish between two online accounts. Here is the information I have so far.
Citrix has provided a fix for the issue in that MS Teams calls do not work in its VDA environment. Users are unable to complete a call from Microsoft Teams.
[German]One more quick piece of info from this week's post. Microsoft has released some security description revisions as of June 14, 2022, which I'll just post here on the blog.
[German]Microsoft is investigating another issue related to the June 2022 updates. It is said to affect Windows clients running on the ARM platform. On these devices, logging in to certain services is no longer possible after installing the June 14, 2022 security updates. This may also affect OneDrive, Microsoft Teams and Outlook.com.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
