[German]In late January 2022, a critical vulnerability CVE-2021-44738 in the PostScript interpreter of various Lexmark printers became public. The manufacturer warns about this vulnerability, which allows remote code execution, and provides a firmware update to close it. But there are other vulnerabilities that have received little attention so far, but may be more critical.
[German]Blog reader Timo J. informed me about a special observation on February 7, 2022. He observed that since that date certain Fujitsu computers (P400 E85+) simply boot up again after shutdown, as if the computer had been restarted. This happens only as long as the LAN cable is plugged in, he found out. So far there are only two computers, but exactly the same model, with the same problem. The January 2022 update is released, the February 2022 update was not installed there yet. Solution: Disable the LAN option in Wake Up Resources in the BIOS. The problem should have to do with WOL. To be on the safe side, he also disabled the corresponding options for network adapters in Device Manager. Maybe it helps someone.
[German]Microsoft has updated the Chromium Edge browser to version 98.0.1108.50 as of February 10, 2022. I was informed by Microsoft via email that the vulnerability CVE-2022-23264 has been closed. The release notes for Microsoft Edge can be found on this page – but there are no details about the fix. The browser should update automatically, but can also be downloaded here.
[German]Microsoft Defender attracted attention some time ago due to a vulnerability in Windows that allowed malware to query the folders left out by the antivirus. It now looks like Microsoft has quietly corrected this vulnerability, because administrator privileges are now required to access this information on Windows. However, it is probably not yet fixed on all Windows systems and it is also unclear whether the fix will come via Windows Update (February 2022 patchday) or via an update to Defender on Windows.
[German]Taiwanese manufacturer QNAP has provided firmware updates for its NAS systems that are supposed to fix the SMB root vulnerability (CVE-2021-44142) in SAMBA. Here are some notes on updating QTS 5.0.0 to close the vulnerability, published by manufacturer QNAP in a security advisory dated late January 2022. QNAP also warns about the CVE-2022-0336 vulnerability and recommends disabling SMBv1.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Security vendor Emsisoft has released a decryptor for victims of the Maze, Egregor and Sekhmet ransomware. With it, files encrypted by this ransomware can be restored. The decryptor became possible after a member from the "developer circles" posted the master key and announced the exit of the ransomware groups. Here is some information about it.
[German]A German blog reader just notified me about a problem with Microsoft Exchange Online that he was facing suddenly with Microsoft Outlook (from Office 365). A solution that had been running smoothly for years suddenly is causing issues, when synchronizing between Microsoft Outlook and Exchange Online. The error 0x8004011D (disconnected) was reported. With the help of Microsoft support, the problem could be solved – multifactor authentication played a role.
[German]Telecommunications provider Vodafone Portugal suffered a serious cyberattack on Monday, February 7, 2022. This was likely designed to cause maximum destruction, according to the company, and severely affected Vodafone services such as LTE and 5G mobile, TV cable network, SMS, and voice and voicemail services. Currently, the provider still seems to be struggling with restoring services.
[German]Another small addendum – as of February 8, 2022, Microsoft has released .NET Framework updates for various Windows versions. These updates fix bugs and security vulnerabilities in the affected .Net Framework versions. Here is an overview of these .NET Framework updates.
[German]Microsoft emailed admins about various revisions to its security advisories as of Feb. 8. The talk about a Remote Desktop Services remote code execution vulnerability, a Windows Kernel Memory Information Disclosure vulnerability, a Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege vulnerability and a Microsoft Power BI Information Disclosure vulnerability. In addition, there was a new Servicing Stack Update (SSU) in Feb. 2022, see ADV990001. However, everything has only informal character, Microsoft only adjusted the descriptions. I'll just post the relevant information here in the blog without comment.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
