[German]Microsoft's admin.microsoft.com sub-domain is down, which means that many admin centers for Microsoft services (Office 365, etc.) are no longer accessible. Here is a quick overview of what is known so far. Addendum: It seems to affect Europe, Middle East and Africa. The cause is also hinting – an update to the cloud stuff went wrong. Microsoft is rolling everything back and hopes to fix the problem with that.
[German]Google has released updates to Google Chrome 98.0.4758.80/81/82 for Windows and 98.0.4758.80 for Mac and Linux on February 1, 2022. The Android browser has been updated to version 98.0.4758.87 and the iOS version to 98.0.4758.85. The updates close 27 vulnerabilities. Some vulnerabilities are classified as High. Here is a brief overview.
[German]On February 1, 2022 (first Tuesday of the month, Office Patchday), Microsoft releases non-security updates for still-supported versions of Microsoft Office. This month, there are updates for Microsoft Office 2013 and 2016 that address the Access issue of only one user being able to open a database. Here's a brief overview.
[German]Cyber criminals have found a way to abuse text-based CSV files in order to install BazarBackdoor malware on victims' systems. Security researchers probably came across this fact while monitoring a phishing campaign. The culprit is the ability to access the Dynamic Data Exchange (DDE) function from within Microsoft Excel from CSV files. I'm including the case here in the blog so that administrators in corporate environments can react to it if necessary.
[German]Oiltanking, a German company belonging to the Hamburg-based Marquard & Bahls group, has been the victim of a cyberattack. In addition, the IT of the mineral oil trader Mabanaft, which belongs to the same group, is also said to have been affected. As a result, a critical infrastructure (CRITIS) has been paralyzed, as Oiltanking's fuel loading systems are shut down. The German Shell fuel service station chain is also affected.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]The question why NAS manufacturer QNAP recently updated its devices via forced update has now been answered. The attacks by the DeadBolt ransomware that took place in January 2022 were only possible if the NAS owners made them accessible on the Internet on the one hand and did not install any updates on the other. This is because the exploited vulnerability was patched in December 2021.
Citrix, a cloud computing and virtualization company, has announced plans to be acquired by affiliates of global investment firm Vista Equity Partners and an affiliate of Elliott Investment Management called Evergreen Coast Capital Corporation. Continue reading
[German]Microsoft has just released information that affects Windows 10 and Windows 11, as well as their server counterparts. In order to successfully install updates on these machines, they apparently have to be accessible online via the Internet for a longer period of time every month (at least two, sometimes up to six hours). Microsoft talks about update compliance and update connectivity – that is, a certain behavior, which is required. If this is not ensured, the system will not receive appropriate updates.
[German]In January 2022, Microsoft closed the CVE-2022-21882 (Win32k Privilege Escalation) vulnerability in Windows 10/11 and Windows Server 20H2 on Patchday. However, the patch was not installed everywhere because of the many collateral damages. Now a public proof of concept (PoC) for this vulnerability is available. Administrators should check if the January 2022 fix updates can be installed to close the vulnerability. Here is a brief overview of this issue.
Microsoft has released Sharepoint Migration Tool (SPMT) 3.5.123.0 in January 2022 with new features to allows users to migrate SharePoint Server 2010.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
