[German]Taiwanese manufacturer QNAP has provided firmware updates for its NAS systems that are supposed to fix the SMB root vulnerability (CVE-2021-44142) in SAMBA. Here are some notes on updating QTS 5.0.0 to close the vulnerability, published by manufacturer QNAP in a security advisory dated late January 2022. QNAP also warns about the CVE-2022-0336 vulnerability and recommends disabling SMBv1.
[German]Security vendor Emsisoft has released a decryptor for victims of the Maze, Egregor and Sekhmet ransomware. With it, files encrypted by this ransomware can be restored. The decryptor became possible after a member from the "developer circles" posted the master key and announced the exit of the ransomware groups. Here is some information about it.
[German]A German blog reader just notified me about a problem with Microsoft Exchange Online that he was facing suddenly with Microsoft Outlook (from Office 365). A solution that had been running smoothly for years suddenly is causing issues, when synchronizing between Microsoft Outlook and Exchange Online. The error 0x8004011D (disconnected) was reported. With the help of Microsoft support, the problem could be solved – multifactor authentication played a role.
[German]Telecommunications provider Vodafone Portugal suffered a serious cyberattack on Monday, February 7, 2022. This was likely designed to cause maximum destruction, according to the company, and severely affected Vodafone services such as LTE and 5G mobile, TV cable network, SMS, and voice and voicemail services. Currently, the provider still seems to be struggling with restoring services.
[German]Another small addendum – as of February 8, 2022, Microsoft has released .NET Framework updates for various Windows versions. These updates fix bugs and security vulnerabilities in the affected .Net Framework versions. Here is an overview of these .NET Framework updates.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Microsoft emailed admins about various revisions to its security advisories as of Feb. 8. The talk about a Remote Desktop Services remote code execution vulnerability, a Windows Kernel Memory Information Disclosure vulnerability, a Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege vulnerability and a Microsoft Power BI Information Disclosure vulnerability. In addition, there was a new Servicing Stack Update (SSU) in Feb. 2022, see ADV990001. However, everything has only informal character, Microsoft only adjusted the descriptions. I'll just post the relevant information here in the blog without comment.
[German]On February 8, 2022 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for still-supported Microsoft Office versions and other products. RCE vulnerabilities are closed again. Here you can find an overview of the available updates.
[German]The developers of the Thunderbird email client have released Thunderbird 91.6.0 as of February 8, 2022. This is a maintenance update for the 91 development branch that makes fixes. Here is a brief overview.
[German]Mozilla Mozilla developers released versions 97.0 and 95.6esr of the Firefox browser on February 8, January 2022. Firefox 97 is a new development branch, while the ESR version is a bug-fix update to fix bugs.
[German]Microsoft has also released security updates for Windows 7 and 8.1 as well as for the Windows Server counterparts 2008 R2 and 2012/R2 on February 8, 2022. Among other things, fixes are being made to the Lightweight Directory Access Protocol (LDAP). Here is an overview of these special updates for Windows 7/8.1 and the corresponding Windows Server versions 2008 R2 and 2012/R2.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
