Windows 11 Home: SMB1 will be disabled and removed in the future

Microsoft has just announced that it is disabling support for the SMB1 protocol by default in the Windows 11 Home Insider builds. This is the final phase of putting SMB1 support in Windows to bed and letting it expire. The background is security considerations, and SMB2 as well as SMB3 are available. However, the problem will be that certain network connections depend on SMB1.

Posted in Windows

Microsoft Security Update Revisions (April 19, 2022)

Brief addendum from last week. Microsoft has released some Microsoft Security Update revisions for April 19, 2022, which are changes to the documentation of various security updates. Here is an uncommented overview.

Posted in Security, Update

ESET finds 3 critical vulnerabilities in UEFI of Lenovo consumer notebooks

Users of Lenovo notebooks should react. Security vendor ESET has just announced that it has discovered three vulnerabilities (CVE-2021-3970, CVE-2021-3971, CVE-2021-3972) in the UEFI of Lenovo consumer notebooks that are rated as highly problematic from a security perspective. Exploiting them allows attackers to deploy and successfully execute UEFI malware such as LoJax or ESPecter on the affected devices.

Posted in Security

Free Decryptor for Yanluowang Ransomware

Security vendor Kaspersky has discovered a vulnerability in the encryption of the Yanluowang ransomware. As a result of this vulnerability, the encryption of files can be cracked under certain circumstances. A free decryptor for Yanluowang ransomware is now available. However, samples of encrypted files and their unencrypted originals are needed for decryption.

Posted in Security

7-Zip vulnerability CVE-2022-29072 *doesn't* allow system privileges

A vulnerability, CVE-2022-29072 (heap overflow), exists in the 7-Zip application up to version 21.07, which allows privilege escalation on Windows. This could allow an attacker to gain system privileges and then compromise the system at will. Here is some information about it. Addendum: It seems it was a hoax or a mistake. Privilege escalation, as originally stated by the finder, is (probably) not possible.

Posted in Security, Software


Microsoft Security Update Revisions (April 15, 2022)

Short addendum from last week. Microsoft has released some Microsoft Security Update Revisions for April 15, 2022, which are changes to the documentation of various security updates in GRUB as well as in Power BI Report Server. Here is an uncommented overview.

Posted in Security, Update

Windows 10 Version 21H2 in broad deployment (April 15, 2022)

Microsoft has again expanded the range of machines to which the Windows 10 November 2021 Update (21H2) will be offered after its release in November 2021 (see Windows 10 November 2021 Update (21H2) released). Windows 10 20H2 was already updated to version 21H2 in January 2022 (see Windows 10 20H2 will be upgraded to Windows 21H2 (January 20, 2022)). This is because older Windows 10 versions will drop out of support in May 2022 (Windows 10: Version 1909 and 20H2 reaching end of support on May 10, 2022).

Posted in Windows

CISA Warning: New APT Cyber Tools Target ICS/SCADA Systems

There is a warning from CISA and other organizations in the U.S. aimed at manufacturers and operators of process control systems and controllers (ICS/SCADA systems). Cyber groups (APTs) have developed new attack tools with which they can attack various industrial control systems. Since there is now a certain trend toward attacks that aim only to destroy, the risk of industrial sectors or critical infrastructure being crippled by (government) cyber actors is increasing.

Posted in devices, Security

Microsoft Edge 100.0.1185.44 Emergency Patch

Microsoft has updated the Chromium Edge browser to version Edge 100.0.1185.44 as of April 15, 2022. This is an emergency update that closes the CVE-2022-1364 vulnerability (see also this page and the blog post Chrome 100.0.4896.127 fixes 0-day vulnerability CVE-2022-1364). The browser should update automatically, but can also be downloaded here. Thanks to the blog readers (German, English) for the hints.

Posted in browser, Security, Software, Update

Comments on NGINX vulnerabilities in LDAP reference implementation (April 2022)

On April 9, 2022, a 0-day exploit for vulnerabilities in the NGINX LDAP implementation became known. The question immediately came up whether you have to react now if you use NGINX in your environment. A blog reader sent me a note the other day about what to watch out for in this regard. Here is a quick overview of this issue.

Posted in Security, Software