[German]A few hours ago, the Conti ransomware gang seems to have officially announced its resolutions and the cessation of all activities. The questions that remain: How long will this last? Will there be a sudden comeback? And do the actors involved in the Conti gang strike out on their own or join other ransomware groups?
[German]Microsoft has released out-of-band updates for supported versions of Windows Server, effective May 19, 2022, to address issues caused by the May 10, 2022 security updates. This includes fixing the Active Directory authentication issue on domain controllers. However, I have since received several reports that the fix does not help, at least in certain constellations with NPS (Network Policy Server).
[German]In addition to the Firefox developers providing a security update for the Firefox browser (see Firefox 100.0.2 and 91.9.1esr released), wo critical vulnerabilities in the Thunderbird email client have also been fixed with the May 20, 2022 update to version 91.9.1.
[German]Quick reminder for administrators who support Windows Server 20H2 installations. Microsoft has announced the end of support for this server version for August 9, 2022. After that, Windows Server 20H2 will no longer receive updates. At the same time, the Windows Server Semi-Annual Channel (SAC) will be discontinued (I had already pointed out this plan in 2021 in the post Future Windows Server versions will only be available as LTSC. Windows 10 20H2 has already fallen out of support in May 2022.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Microsoft has released a series of unscheduled updates (out-of-band updates) for supported versions of Windows (client and server) as of May 19, 2022, to correct issues caused by the May 10 security updates. These include the Active Directory authentication issue on domain controllers, but also a bug that prevents the installation of apps from the Microsoft Store.
[German] VMware has fixed a critical bug in several of its products through updates. The vulnerability, CVE-2022-22972, allows administrative access without authentication and affects the Workspace ONE Access, VMware Identity Manager (vIDM) and vRealize Automation products. The U.S. Department of Homeland Security (DHS) cybersecurity division issued a directive to U.S. agencies to update or remove VMware products affected by vulnerabilities CVE-2022-22972 and CVE-2022-22973 from their networks within five days.
[German]There's a lot going on with Windows 11 these days – and the new version 22H2 could be ready in the next few days. In addition, Microsoft has released the previous Windows 11 version 21H2 for broad distribution on May 17, 2022. A Windows 11 ISO file is available for download for Windows Insiders. At the same time, Microsoft is experimenting with Insiders with a new desktop search – the search box is found on the desktop – but forces users to view search results in Microsoft Edge, regardless of which browser is used as the default. Time, for an overview post around these Windows 11 issues.
[German]The Microsoft security team is currently warning about a campaign in which unknown attackers are targeting Microsoft SQL databases. Although a brute force approach is used to crack the database access. What is new is that the campaign uses the sqlps.exe tool in conjunction with PowerShell scripts.
[German]Question for Windows 10 users: Is anyone experiencing issues with user profiles on Windows 10 21H2 after installing the May 10, 2022 security updates? Microsoft may already be working on a fix, which is being tested with Windows Insiders via update KB5014023. Here is, what a reader experienced so far.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
[