The Chinese government has decided to free itself from dependence on foreign suppliers within two years. To this end, Apple products, Windows and foreign PCs, especially from Dell and HP, are to be replaced by domestic solutions/products in all government agencies and state-owned enterprises.
[German]SonicWall has issued a security alert urging customers to immediately patch several vulnerabilities that are considered high-risk. The vulnerabilities could allow attackers to bypass authorization and potentially compromise unpatched appliances.
[German]In addition to the vulnerabilities in F5 BIG-IP network devices mentioned in the blog post Destructive attacks via critical F5 BIG-IP vulnerability, Zyxel is also dealing with an Unauthenticated Remote Command Injection vulnerability CVE-2022-30525 in its firewalls. Operators of corresponding Zyxel firewalls should immediately install the provided updates to close the serious vulnerability.
[German]Brief message at the end of the week – after the "very successful" patchday on May 10, 2022 with numerous collateral damages, Microsoft is on its way to new shores. On May 12, 2022, they released the preview update KB5014023 for Windows Insiders. I haven't found details about the update yet (it's not listed on the Windows 10 update history page, of course) – it's just mentioned here and here.
[German]Hewlett Packard (HP) has recently published a security advisory. This warning addresses two vulnerabilities in the firmware of over 200 HP models (business and consumer variants) that allow the firmware to be overwritten. The vulnerabilities have been given a security score of 8.8 – updates are available. Furthermore, Intel has issued a security advisory for a vulnerability in the BIOS of Intel systems, which also have a score of 8.2 and allow privilege escalation.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]In F5 BIG-IP, vulnerability CVE-2022-1388 became public last week. The vulnerability allows attackers to execute commands on BIG-IP network devices as "root" without requiring authentication. The manufacturer F5 had strongly recommended administrators of the network devices to close this critical vulnerability through updates. Exploits have become public on Twitter and GitHub. Now there are first destructive attacks that attempted to delete the file system of a device and render the server unusable.
[German]There seems to be a bug in Microsoft Access 365 (with update status 2022 in the current channel). When closing forms, the error message "The search key was not found in any…" is issued. Following a reader suggestion, I summarize the relevant information below – in case anyone encounters the effect.
[German]The May 10, 2022 security updates for Windows cause several issues. One concerns authentication on domain controllers. This seems to fail for various machines (client and server) due to certificate errors. All clients are affected, from Windows 7 SP1 (with ESU) up to Windows 11 and the relevant server counterparts. Microsoft has since confirmed the problem.
[German]On May 10, 2022 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for still-supported Microsoft Office versions and other products. Here is an overview of the available updates.
[German]Microsoft has released various security updates for Windows, Office, Net etc. on May 10, 2022. While relatively few problems were fixed by these updates, some users seem to have problems with the update installation or afterwards. Affected is for example Windows 11, where the error 0xc0000135 occurs. Here is a collective article, which may be extended, what I have noticed.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
