[German]Microsoft has updated the Chromium Edge browser to version Edge 99.0.1150.46 as of March 17, 2022. This is a maintenance update that closes a number of vulnerabilities. Microsoft has sent an update information about this around via mail.
[German]A brief note for Windows Server 2022 administrators who are experiencing issues after installing the March 8, 2022 security update KB5011497. This update can cause serious issues with remote services, because certain roles are no longer available after installing this update. I have received now a tip for a solution by a blog reader.
Continue reading
[German]Poorly or unsecured remote access is a constant security problem and gateway for cyberattacks in many companies, government agencies and organizations. Now I have come across a case involving a regional health ministry in Russia. A hacker was able to remotely penetrate an unsecured computer at this organization.
[German]It looks like a classic false positive that Microsoft Defender pulled yesterday (Wednesday, March 16, 2022). If you suddenly had Microsoft Office updates quarantined as ransomware on your systems, you were affected by this case.
[German]
Security researchers from AhnLab have come across a campaign in which attackers install a backdoor on poorly secured Microsoft SQL and MySQL servers. This is the remote access Trojan Gh0stCringe. It is suspected that the infection occurs via cracked admin access to the servers. Here is some brief information about it.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]The international sanctions against Russia are forced a withdrawal of US cloud providers, who are cancelling services for Russian customers. Now an IT crisis is looming in Russia, because the country is running out of storage for data. In an estimated two months, it will run out of cloud storage capacity – the Russian government is currently looking for alternatives.
[German]OpenSSL has released a security update to close a vulnerability in the library. The BN_mod_sqrt() function used to compute a modular square root contains an a flaw that could cause an infinite loop to be run for non-primary moduli. The vulnerability, if exploited, would lead to denial of service loops. This is according to this OpenSLL security alert. Internally, this feature is used when parsing certificates that contain elliptic curve keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by creating a certificate that contains invalid explicit curve parameters.The update is intended to fix the vulnerability. In addition to the notes in the security alert above, the colleagues at Bleeping Computer have published this post about it.
[German]Google has released updates to Google Chrome 99.0.4844.74 for Windows and Mac on the desktop as of March 15, 2022. There is also Chrome 98.0.4758.132 in the Extended Channel and the Android browser has been updated to version 99.0.4844.73. Thanks to the reader for the tip. Here's a quick overview.
[German]The Irish Data Protection Authority (DPC) has just fined Meta (formerly Facebook) €17 million. This fine stems from several data protection breaches by Facebook in the past.
[German]Once again a topic, which I have to address again: Microsoft has started displaying ads for various of its own products in Windows Explorer. This affects Windows 11 users who are testing the current Windows Insider builds. That's what various US media are reporting, though it's probably some kind of A/B test, so not every Insider gets to see these ads.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
