[German]The March 2022 updates KB5011551 and KB5011497 have caused various issues on Windows Server 2019 and Windows Server 2022 on some machines. These range from password loops on Windows Server 2019 to remote desktop issues on Windows Server 2022. Since there are new security updates as of today, April 12, 2022, I'm summarizing the status of issues related to March 2022 updates in this post.
[German]On May Patchday, Tuesday, May 10, 2022, Windows 10 version 1909 (all editions) and Windows 10 version 20H2 (Home and Pro) will receive security updates for the last time. After that, both Windows 10 variants will drop out of support. Microsoft has pointed this out in the Windows Message Center. By default, these Windows 10 versions – at least in the Home and Pro versions – should be automatically updated to the newer builds.
[German]There is occasional feedback here on the German and English blogs from administrators who use WSUS to control the distribution of updates to Windows clients, and complain that clients have surprisingly pulled updates past WSUS and installed them. The cause may be a recommended group policy from Microsoft's baseline security templates. Here is some information on this issue, which a reader comment brought to my attention.
[German]In an announcement dated April 4, 2022, Microsoft announced the end of support for .NET Framework 4.5.2, 4.6 and 4.6.1 on April 26, 2022. After that, there will be no more (security) updates. Users running the runtime in question should update it to at least .NET Framework 4.6.2 before April 26, 2022. Nothing changes for other .NET Framework versions, including .NET Framework 3.5 SP1 (see).
[German]Security researchers from Check Point have discovered multiple vulnerabilities in the popular Java Spring Framework developer environment. The vulnerabilities are now being used for attacks, and according to Check Point, 16 percent of all organizations worldwide were affected after just four days. Immediate updating of affected products is strongly recommended.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]In July 2022, Microsoft plans to release a new feature Autopatch for Windows 10/11 Enterprise. The paid product, Windows Autopatch, is intended to manage all aspects of delivering quality and feature updates, drivers, firmware and Microsoft 365 apps to enterprises for Windows 10 and Windows 11.
[German]Microsoft has not only outlined the future roadmap in terms of Windows 365 Cloud PC integration for Windows 11 on April 5, 2022. They announced also, that new security features will be available in Windows 11. Microsoft Defender's "Smart Screen" supports a phishing protection. Furthermore, security features such as Personal Data Encryption and Smart App Control are available for corporate environments.
[German]Today a few more news around the topic of cyber security. Hackers have penetrated in March Russian TV systems and in April the Kremlin's TV system and seem to have hundreds of surveillance cameras under control. In addition, Microsoft has taken over seven domains that were misused by the Russian APT28 hacker group (Strontium, Fancy Bear) for attacks against facilities in Ukraine.
[German]Microsoft has updated the Chromium Edge browser to version Edge 100.0.1185.36 as of April 7, 2022. This is a maintenance update, for which Microsoft has published little on the release notes page. Microsoft doesn't list any details on that page either – the link to the fixed vulnerabilities is broken. Only in an email I received the information that the vulnerability CVE-2022-1232 has been fixed. The browser should be updated automatically, but can also be downloaded here.
[German]Just yesterday, in the blog post VMware patches Spring4Shell RCE vulnerability CVE-2022-22965, I warned about a vulnerability in certain VMware products. Now the manufacturer has followed up and warns about critical vulnerabilities in various VMware products. This affects Workspace ONE Access, VMware Identity Manager (vIDM), vRealize Lifecycle Manager, vRealize Automation and VMware Cloud Foundation products. Security updates to close the vulnerabilities are available.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
