[German]There is a vulnerability in the Bluetooth Low Energy implementation that allows remote access to corresponding Bluetooth devices (door locks, electronic devices and cars). Among others, the US car manufacturer Tesla had to admit that its electric car models Tesla Model 3 and Tesla Y can be unlocked, started and thus stolen in this way.
[German]The ACROS Security team around founder Mitja Kolsek has released a micro patch to close the Remote Procedure Call Runtime Integer Overflows vulnerabilities CVE-2022-26809 and CVE-2022-22019). The patch is available for Windows 7 SP1, Windows Server 2008 R2, up to Windows 10 (v1803 to v2004). The micro-patch is available for all customers with the 0patch agent who own a Pro or Enterprise license of ACROS Security. Here is some information about it.
[German]Today a short information for administrators of Active Directory Domain Controllers under Windows Server, who still have to apply the security updates for May 2022. I have come across the information that there is a bug that leads to nasty problems in Windows Server in certain configurations (which should not actually occur). Administrators should pay attention to the configuration of the AltSecID attribute on the krbtgt account before installing the update. If this attribute is set, a boot loop of the DC is imminent and the Active Directory is down. I'll post the information I picked up yesterday from a Windows Escalation Engineer and since on Twitter here.
[German]A smartphone that is switched off is not off – we know this from movies where batteries are removed from smartphones and the devices are placed in a refrigerator or tin cans. It is certainly possible to run malware on an iPhone that is switched off. Security researchers from Darmstadt have just proven this in an experiment. It's a bit tricky and requires Bluetooth, NFC chips etc. in an iPhone – but it works.
[German]Nvidia has released a security update for the graphics driver of the Kepler GeForce GPUs on May 16, 2022, as you can read on this website. The new GeForce WHQL driver has the version 473.47 and is available for Windows 10 (64 bit) as well as Windows 11. The manufacturer writes that the security update has been released for the desktop Kepler-series GeForce GPUs, which are no longer supported by Game Ready drivers. This update fixes issues that can lead to several security compromises. Details can be found on the linked website and in the release notes. (via)
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]US CERT CISA (Cybersecurity & Infrastructure Security Agency) has temporarily removed vulnerability CVE-2022-26925 from its Known Exploited Vulnerabilities catalog and warns US organizations not to install the May 2022 updates for Windows on machines that act as domain controllers. This is in response to authentication issues related to the updates and DCs.
[German]Another May 2022 patchday issue on Windows 11. Users who have been running Sophos antivirus solutions may have been seeing BlueScreens on Windows 11. The cause is the May 10, 2022 update KB5013943, which causes problems with a Sophos driver. Sophos has meanwhile released a fix to resolve this issue.
[German]Mozilla developers have released versions 100.0.1 of the Firefox browser on May 16, 2022. It is a maintenance update, which fixes bugs. Thanks to the reader for the tip.
[German]As of today, May 16, 2022, the remote support Quick Assist for Windows 10 and Windows 11 is only available in the Microsoft Store. The previous Windows 32 application for Quick Assist, which was available as a standalone application, has fallen out of support. Seems to frustrate some Windows administrators, because the whole thing is probably only half-baked implemented.
[German]Currently, there seems to be a hitch with SSL VPN connections. Last week, a database dump was posted on Telegram with 21 million user data/login details from VPN providers SuperVPN, GeckoVPN and ChatVPN. An exploit for an unauthenticated remote code execution vulnerability exists for Cisco RV340 SSL VPN routers. In India, a VPN provider is intending withdrawal due to new laws. And Palo Alto is addressing the question of whether VPN will be replaced with SASE.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
