Linux vulnerabilities patched fastest (Feb. 2022)

Posted on 2022-02-21 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]There is always a discussion about how quickly or how slowly vulnerabilities are patched by developers. Google's Project Zero has therefore taken a look at how quickly security vulnerabilities are closed in Linux or in products from Microsoft (Windows) and Apple (macOS). It is about vulnerabilities reported by Project Zero to the manufacturers/developers between 2019 and 2021. The result: Linux developers are patching by far the fastest.

Continue reading

Posted in Security, Update | Tagged , | 1 Comment

axis.com (IP security camera vendor) is down (Feb. 21, 2022)

Posted on 2022-02-21 by guenni

Stop - Pixabay[German]Brief note for people dealing with security cameras from vendor Axis. A German blog reader informed me, that the website of this vendor is currently down. There seems to be massive technical issues causing a major outage. Whether it is the result of a cyber attack, or just the technology, I can not currently answer. Means that customers (banks, supermarkets, etc.) can no longer access their security cameras remotely because the cloud is down. Here is some information. Addendum: It looks like a cyberattack – because after my inquiry on Twitter, there is a new reference to an "IT-related intrusion" on the status page – see addendum in the text. Addendum 1: It's was a cyberattack that has taken place.

Continue reading

Posted in issue, Security | Tagged , | Leave a comment

Windows 10/11 (21H2): Wipe does not delete user data

Posted on 2022-02-21 by guenni

Windows[English]Microsoft offers the possibility to reset a system with Windows 10 or Windows 11 to factory settings locally or remotely (via Intune). There is also the option to remove the user files. This is desirable if a machine is perhaps to be passed on to another user. MVP Rudy Ooms has now discovered that resetting Windows including removing the user files does not work under Windows 10 and Windows 11 in version 21H2. Addendum: Note about OneDrive client als a root cause added. Addendum 2: The issue has been confirmed by Microsoft.

Continue reading

Posted in issue, Windows | Tagged , , | Leave a comment

Vulnerability discovered in various zebNet products (Feb. 2022)

Posted on 2022-02-20 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]The vendor zebNet has discovered a critical vulnerability in various products that allow a man-in-the-middle attack (MITM) in the update process of the affected application. The night I was then contacted by the manufacturer by mail and asked to publish the whole thing here in the blog. The background: Informing customers about the vulnerability is proving difficult.

Continue reading

Posted in Security | Tagged | Leave a comment

Security Updates for Cisco Email Security Appliances (Feb. 2022)

Posted on 2022-02-20 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Cisco has released security updates this week to close a highly classified vulnerability (CVE-2022-20653) in its email security appliances. Attackers were able to crash the e-mail security appliances via prepared e-mails and thus virtually launch a DoS attack. Affects Cisco AsyncOS software versions 14.0, 13.5, 13.0, 12.5 and older on Cisco ESA devices when DANE is enabled.

Continue reading

Posted in Security | Tagged , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Ransomware hits Europe's industrial control systems and operating technology as frequently as IT systems

Posted on 2022-02-19 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Interesting findings from a survey of 1,100 security specialists as part of a study with regard to the security of industrial systems and critical infrastructure in Europe. The message of the study was that industrial control systems and operating technology in Europe were attacked by ransomware almost as frequently as IT systems. One in two victims experienced significant disruption as a result of these attacks.

Continue reading

Posted in Security | Tagged | Leave a comment

Windows 11: Internet connection and Microsoft account becomes mandatory during setup

Posted on 2022-02-18 by guenni

Windows[German]Microsoft is once again experimenting a lot with the online requirement for upcoming Windows versions. The cat was let out of the bag in the Insider Preview of Windows 11: An Internet connection is mandatory for installation in the OOBE phase. And only Microsoft accounts are then provided for setting up user accounts. By the way, this refers to the Windows 11 Pro variants. This means that scenarios that have been feared time and again are slowly becoming reality.

Continue reading

Posted in Windows | Tagged | 1 Comment

Firefox 97.0.1 released

Posted on 2022-02-18 by guenni

Mozilla[German]On February 17, 2022, Mozilla developers released version 97.0.1 as a maintenance update of the Firefox browser to correct various bugs.

Continue reading

Posted in browser | Tagged | Leave a comment

Trend Micro Worry Free Business Security Critical Patch 2390

Posted on 2022-02-18 by guenni

Update[German]Der Sicherheitsanbieter Trend Micro hat zum 15.2.2022 das Update 2390 für seine Worry Free Business Security (WFBS) freigegeben. Der Patch aktualisiert den Apache Web-Server auf Version 2.4.5 und behebt diverse Problemein der Virenschutzlösung. Um diesen Patch zu installieren, muss genügend freier Festplattenspeicher (13 GByte oder mehr) auf dem Systemlaufwerk vorhanden sein.

Continue reading

Posted in Software, Update | Tagged , | Leave a comment

Surface Book 3: Feb. 2022 firmware update may brick device

Posted on 2022-02-18 by guenni

[German]Owners of a Microsoft Surface Book 3 should be careful installing a Feb. 2022 firmware update on these devices at the moment. I have information that the combination of certain firmware updates can lead to real issues and bricks a device (device no longer boots, drives disappear).

Continue reading

Posted in devices, issue, Update | Tagged , , | 1 Comment