CISA: US agencies must install iOS 15.3.1/macOS 12.2.1 update till Feb. 25, 2022

Posted on 2022-02-14 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Apple has released an emergency update for iOS (and macOS, as well as the Safari browser) last week to fix a critical RCE vulnerability (CVE-2022-22620) in WebKit. The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has instructed all U.S. agencies to install update to close the CVE-2022-22620 vulnerability on devices in use by February 25, 2022. Users and administrators in Germany should perhaps also act promptly.

Continue reading

Posted in ios, macOS, Security, Software, Update | Tagged , , | Leave a comment

End of support for older Visual Studio versions in April 2022, and in May for Windows 10 20H2

Posted on 2022-02-14 by guenni

Update[German]Last week, or rather in the last few days, Microsoft has already pointed out that certain products will reach the end of support in a few months and will no longer receive updates. This includes older versions of Visual Studio, whose support will end on April 12, 2022. But also for users of Windows 10 version 20H2, support for security updates will already end on May 10, 2022. Microsoft has begun now to auto update these systems to version 21H2.

Continue reading

Posted in Security, Software, Update, Windows | Tagged , , , | Leave a comment

Microsoft Februar 2022 Patch day review

Posted on 2022-02-13 by guenni

Update[German]February 8, 2022 was Microsoft's patchday, where a number of security updates for various products were made available. I had reported about these updates in the blog. At first glance, there was little trouble with the February 2022 updates. But some collateral damage came to my attention, which I'll summarize in a review.

Continue reading

Posted in issue, Office, Update, Windows | Tagged , , , | 1 Comment

Does the WhatsApp desktop app throttle GPU performance?

Posted on 2022-02-13 by guenni

[German]The meta-messenger WhatsApp has a client for the Windows desktop. A reader has now pointed out to me his observation that this app throttles the GPU performance of the desktop. I'm posting it man here on the blog with – maybe someone can confirm this.

Continue reading

Posted in issue, Software, Windows | Tagged , | 1 Comment

More Lexmark device vulnerabilities (wrap-up Feb. 2022)

Posted on 2022-02-12 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]In late January 2022, a critical vulnerability CVE-2021-44738 in the PostScript interpreter of various Lexmark printers became public. The manufacturer warns about this vulnerability, which allows remote code execution, and provides a firmware update to close it. But there are other vulnerabilities that have received little attention so far, but may be more critical.

Continue reading

Posted in devices, Security | Tagged , , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Fujitsu computer: Windows restart after shutdown

Posted on 2022-02-12 by guenni

Windows[German]Blog reader Timo J. informed me about a special observation on February 7, 2022. He observed that since that date certain Fujitsu computers (P400 E85+) simply boot up again after shutdown, as if the computer had been restarted. This happens only as long as the LAN cable is plugged in, he found out. So far there are only two computers, but exactly the same model, with the same problem. The January 2022 update is released, the February 2022 update was not installed there yet. Solution: Disable the LAN option in Wake Up Resources in the BIOS. The problem should have to do with WOL. To be on the safe side, he also disabled the corresponding options for network adapters in Device Manager. Maybe it helps someone.

Posted in devices, Windows | Tagged , | Leave a comment

Edge 98.0.1108.50

Posted on 2022-02-11 by guenni

Edge[German]Microsoft has updated the Chromium Edge browser to version 98.0.1108.50 as of February 10, 2022. I was informed by Microsoft via email that the vulnerability CVE-2022-23264 has been closed. The release notes for Microsoft Edge can be found on this page – but there are no details about the fix. The browser should update automatically, but can also be downloaded here.

Posted in browser, Security, Update | Tagged , , | Leave a comment

Microsoft probably secretly fixes vulnerability in Defender under Windows

Posted on 2022-02-11 by guenni

Windows[German]Microsoft Defender attracted attention some time ago due to a vulnerability in Windows that allowed malware to query the folders left out by the antivirus. It now looks like Microsoft has quietly corrected this vulnerability, because administrator privileges are now required to access this information on Windows. However, it is probably not yet fixed on all Windows systems and it is also unclear whether the fix will come via Windows Update (February 2022 patchday) or via an update to Defender on Windows.

Continue reading

Posted in Security, Software, Windows | Tagged , , , | Leave a comment

QNAP Update QTS 5.0.0.1932 build 20220129 closes SAMBA vulnerability CVE-2021-44142

Posted on 2022-02-11 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Taiwanese manufacturer QNAP has provided firmware updates for its NAS systems that are supposed to fix the SMB root vulnerability (CVE-2021-44142) in SAMBA. Here are some notes on updating QTS 5.0.0 to close the vulnerability, published by manufacturer QNAP in a security advisory dated late January 2022. QNAP also warns about the CVE-2022-0336 vulnerability and recommends disabling SMBv1.

Continue reading

Posted in devices, Security, Software, Update | Tagged , , | Leave a comment

Emsisoft releases decryptor for Maze, Egregor and Sekhmet ransomware

Posted on 2022-02-11 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Security vendor Emsisoft has released a decryptor for victims of the Maze, Egregor and Sekhmet ransomware. With it, files encrypted by this ransomware can be restored. The decryptor became possible after a member from the "developer circles" posted the master key and announced the exit of the ransomware groups. Here is some information about it.

Continue reading

Posted in Security | Tagged , , | Leave a comment