Microsoft has released revisions to its security alerts and update descriptions as of March 17, 2022. Here is a summary of these revisions that I received by mail.
Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Microsoft releases scan tool for MikroTic Trickbot infections
[German]The Trickbot gang infects IoT devices and MikroTik routers with malware to make them part of a botnet. The infected routers can then communicate with the Trickbot Gang's C&C servers and spread further malware or be misused for attacks. Microsoft has now released details on how Trickbot infections work, while also providing a free Python tool for detecting MikroTik Trickbot infections.
Microsoft Edge 99.0.1150.46 released
[German]Microsoft has updated the Chromium Edge browser to version Edge 99.0.1150.46 as of March 17, 2022. This is a maintenance update that closes a number of vulnerabilities. Microsoft has sent an update information about this around via mail.
Windows Server 2022: Fix for Remote Desktop problems with update KB5011497
[German]A brief note for Windows Server 2022 administrators who are experiencing issues after installing the March 8, 2022 security update KB5011497. This update can cause serious issues with remote services, because certain roles are no longer available after installing this update. I have received now a tip for a solution by a blog reader.
Continue reading
Hacker Hacker was able to break into computer of a Russian health ministry within seconds
[German]Poorly or unsecured remote access is a constant security problem and gateway for cyberattacks in many companies, government agencies and organizations. Now I have come across a case involving a regional health ministry in Russia. A hacker was able to remotely penetrate an unsecured computer at this organization.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Microsoft Defender falsely detected Office updates as ransomware activity (03/16/2022)
[German]It looks like a classic false positive that Microsoft Defender pulled yesterday (Wednesday, March 16, 2022). If you suddenly had Microsoft Office updates quarantined as ransomware on your systems, you were affected by this case.
Gh0stCringe malware targets unsecured Microsoft SQL and MySQL servers
[German]
Security researchers from AhnLab have come across a campaign in which attackers install a backdoor on poorly secured Microsoft SQL and MySQL servers. This is the remote access Trojan Gh0stCringe. It is suspected that the infection occurs via cracked admin access to the servers. Here is some brief information about it.
IT crisis: Russia to run out of storage space in 2 months
[German]The international sanctions against Russia are forced a withdrawal of US cloud providers, who are cancelling services for Russian customers. Now an IT crisis is looming in Russia, because the country is running out of storage for data. In an estimated two months, it will run out of cloud storage capacity – the Russian government is currently looking for alternatives.
Error in parsing OpenSSL certificates causes denial of service loop
[German]OpenSSL has released a security update to close a vulnerability in the library. The BN_mod_sqrt() function used to compute a modular square root contains an a flaw that could cause an infinite loop to be run for non-primary moduli. The vulnerability, if exploited, would lead to denial of service loops. This is according to this OpenSLL security alert. Internally, this feature is used when parsing certificates that contain elliptic curve keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by creating a certificate that contains invalid explicit curve parameters.The update is intended to fix the vulnerability. In addition to the notes in the security alert above, the colleagues at Bleeping Computer have published this post about it.
Chrome 99.0.4844.74 fixes 11 vulnerabilities
[German]Google has released updates to Google Chrome 99.0.4844.74 for Windows and Mac on the desktop as of March 15, 2022. There is also Chrome 98.0.4758.132 in the Extended Channel and the Android browser has been updated to version 99.0.4844.73. Thanks to the reader for the tip. Here's a quick overview.