Linux: Microsoft recommendation on enforcement mode against Active Directory takeover may cause issues

Posted on 2022-01-29 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Microsoft recommends installing the November 2021 security updates on Windows servers that operate as DCs as protection against a domain takeover caused by the vulnerabilities CVE-2021-42287 and CVE-2021-42278. And Micrsooft also recommends enabling so-called enforcement mode to protect against the exploit on all Active Directory domain controllers (in Juli 2022 this will be activated by an update). However, a blog reader now pointed out that this causes collateral damage and Linux clients are often unable to do an AD-join.

Continue reading

Posted in Linux, Security, Update, Windows | Tagged , , | Leave a comment

Over 20,000 HPE Proliant servers with outdated iLO accessible via the Internet

Posted on 2022-01-29 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Advisory for administrators of HPE Proliant servers running outdated or unpatched HPEs Integrated Lights-out versions. The Internet Storm Center (SANS ISC) warned this week that more than 20,000 HPE Proliant servers were accessible via the Internet. Wouldn't be such a problem if those servers weren't running an outdated iLO version, or hadn't patched known iLO vulnerabilities.

Continue reading

Posted in devices, Security, Software | Tagged , , | Leave a comment

QNAPs forced update after 3,600 DeadBolt ransomware infections (Jan. 2022)

Posted on 2022-01-29 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[GermanGeman]QNAP users are currently victims of the DeadBolt ransomware – I didn't have it in the blog, but within a week there were probably over 3,600 victims. The NAS manufacturer is now resorting to drastic measures and is trying to forcibly update the firmware of affected devices. However, this leads to malfunctions on some devices (iSCSI devices no longer work).

Continue reading

Posted in devices, Update | Tagged , | Leave a comment

Microsoft Microsoft Security Update Revisions (Jan. 27, 2022)

Posted on 2022-01-28 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Microsoft released last night an an email about various revisions to its security advisories. It is about a Windows DCOM server vulnerability and Defender for IoT vulnerabilities. However, everything is only of an informal nature, Microsoft has only adjusted the descriptions. I'll just post the relevant information here on the blog without comment.

Continue reading

Posted in Security | Tagged , , | Leave a comment

SANS ISC warns: Malicious ISO file embedded in HTML page (Jan 2022)

Posted on 2022-01-28 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]The Internet Storm Center (SANS ISC) warns about some new attack scam that is attempted via phishing emails. The attackers are trying to distribute malicious content to users via an ISO file embedded in an HTML page. What was interesting to me was that the ISO cannot be mounted with Windows 10, but contains a VBS file with a dropper for further downloads. It looks like there is an attack vector in testing that tries to disguise the malware from the usual detection methods. That's why I'm posting the whole thing here on the blog.

Continue reading

Posted in Security | Tagged | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Edge 97.0.1072.76

Posted on 2022-01-28 by guenni

Edge[German]Microsoft has updated the Chromium Edge browser to version Edge 97.0.1072.76 [edit: typo in version amended] as of January 27, 2022 (thanks to the reader for pointing this out). This is a maintenance update. Microsoft lists the release notes for Microsoft Edge and its security updates on this page (there is no entry here yet). However, the entry for the version does not give much away (see also this comment), because it says: Fixed various bugs and performance issue. The browser should be updated automatically, but can also be downloaded here.

Posted in browser, Update, Windows | Tagged | Leave a comment

Thunderbird 91.5.1

Posted on 2022-01-28 by guenni

[German]The developers of the Thunderbird email client have released Thunderbird 91.5.1 on January 24, 2022. This is a maintenance update for the 91 development branch that makes fixes. Here is a brief overview..

Continue reading

Posted in Software, Update | Tagged | Leave a comment

Firefox 96.0.3 and 91.5.1 esr released

Posted on 2022-01-28 by guenni

Mozilla[German]Mozilla developers have released version 96.0.3 and 95.5.1esr of the Firefox browser on January 27, 2022. This is a bugfix update to fix a bug in the telemetry.

Continue reading

Posted in browser, Update | Tagged , | Leave a comment

Windows 11 upgrade for compatible devices in final availability phase (Jan. 2022)

Posted on 2022-01-27 by guenni

Windows[German]Microsoft has entered the final phase and increased the pace of the Windows 11 rollout on compatible Windows 10 devices. Released on October 5, 2021, the operating system can now be installed on all compatible devices as an upgrade by all interested users, according to Microsoft's latest announcement. But I wonder where the compatible devices are coming from and who is upgrading to Windows 11?

Continue reading

Posted in Update, Windows | Tagged , | Leave a comment

Windows 11: Microsoft fixes issues rendering colors correctly

Posted on 2022-01-27 by guenni

Windows[German]Since the release of Windows 11, users have complained about problems with color management and that the use of ICC color profiles does not work. Now Microsoft has fixed the problem, which was officially confirmed in 2021, with the preview update KB500835 from January 25, 2022. Here is a brief overview of this issue.

Continue reading

Posted in Update, Windows | Tagged , | Leave a comment