[German]The security updates rolled out by Microsoft on January 11, 2022, may cause an issue on Windows Server. Certain applications or devices may no longer be able to make Netlogon Secure Channel connections to Windows Servers after installing these security updates. This affects various server versions, Microsoft announced in a statement.
[German]Windows 11 users complain about Windows Explorer crashes as soon as the Win+X context menu is opened via right-click. The whole thing probably refers to the Insider Preview Windows 11 build 22563.1, but Explorer crashes have been part of users' everyday life since the release of Windows 11. However, there is a workaround that can prevent these crashes with the help of a third-party tool.
[German]The manufacturer of graphics cards and chips, Nvidia, has probably fallen victim to a cyber attack. Currently, the manufacturer is still investigating the details that affected parts of its internal network. According to my information, it was an attack classified as relatively minor, which is currently still being investigated in terms of its impact. The internal operation of Nvidia's IT was affected for two days, and it is currently unclear whether data was leaked. In addition, the Snatch cyber gang is claiming an attack on McDonald in the US.
[German]In Windows 10 and Windows 11, there is an issue with certain builds when resetting the operating system. Even if the option to delete all files with was selected, these (user) files remain under certain scenarios – if OneDrive was used. I had recently addressed this in a blog post. Now Microsoft has confirmed this bug for various versions of Windows 10 as well as for Windows 11.
[German]Microsoft's fix for vulnerability CVE-2022-21920 may block NTLM authentication if Kerberos authentication is not successful. A German blog reader has notified me in January 2022 about issues with Advanced Group Policy Management (AGPM). After installing January 2022 security updates , there are problems to reach the AGPM server. Microsoft has now confirmed these issues and a workaround is possible.
[German]Another small addendum from this week. Users who install Windows 11 with a trick on hardware that does not support the minimum requirements suddenly get a corresponding notice as a watermark on the desktop. Seems to be a a/b test with insider, but there is an option to hide this watermark so far.
[German]Do you use the network monitoring system Zabbix? A few days ago two vulnerabilities CVE-2022-23131 and CVE-2022-23134 became public. And there is a Zabbix update to fix these vulnerabilities. Now CISA warns that the two vulnerabilities are already being actively exploited in attacks. I had a look, even in Germany a three-digit number of Zabbix servers is probably accessible via the Internet – at least that's what Shodan says.
[German]Microsoft has published a revision to the security advisory for Windows vulnerability CVE-2021-26414 as of February 24, 2022. The notification is informal only. CVE-2021-26414 is the Windows DCOM Server Security Feature Bypass vulnerability that was addressed via security update as of June 8, 2021. The update enabled RPC_C_AUTHN_LEVEL_PKT_INTEGRITY by default on DCOM clients. However, Microsoft is addressing the vulnerability in a staged process with three phases. Now Microsoft has revised the FAQ with the planned dates for phases 2 and 3.
[German]Swedish vendor of (IP security cameras) Axis has become a victim of a cyber attack, as Axis Communications has finally confirmed. I had addressed a few days ago in the blog that their websites and services were down since February 21, 2022 and suspected a cyber attack. Here is a summary of what is now known. Addendum from 02/27/2022 with information from Axis Communications on what they have found out.
[German]For several days now, a new malware has been infecting network devices around the world and incorporating affected machines Cyclops Blink botnet. This botnet can steal confidential data and attack other networks. Meanwhile, this malware or botnet is attributed to the government hacking group Sandworm (Voodoo Bear). Here is some information about this malware.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
