Developer sabotages open source modules colors.js and faker.js in NPM, affecting thousands of projects

Posted on 2022-01-10 by guenni

Stop - Pixabay[German]There's a bigger issue looming in open source. Thousands of projects that have included the open source modules colors.js and faker.js via the npm package manager have now run into a serious problem. The developer of the two modules became frustration that mega-corporations and commercial users of open source projects are helping themselves to this free library without giving anything back. So he decided to commit code, that breaks the two modules.

Continue reading

Posted in Software | Tagged , | Leave a comment

Windows Terminal Emulator: DoS and "White Screen of Death" via Escape Characters to Change the Title

Posted on 2022-01-10 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Windows offers the possibility to change the window title of windows of a terminal emulator via control characters (ANSI Escape Characters). Some blog readers still know this, was used to adjust colors of a DOS window for example. A security researcher has shown that something like DoS attacks are also possible with it, which allow a white window ("White Screen of Death") or even a crash of the system via vulnerabilities in the applications. This is especially a problem in environments (Kubernetes) where terminal emulators are used and the window or the whole Windows machine can be crashed.

Continue reading

Posted in issue, Windows | Tagged , , | Leave a comment

VeraCrypt 1.25.7 (for Windows 7, 8.x, 10)

Posted on 2022-01-09 by guenni

[German]In December 2021, the developers of the encryption software VeraCrypt had released version 1.25.4, which was indeed upgraded for MacOSX on Apple's Silicon M1 processors. But for Windows only systems from Windows 10 were supported. This has been corrected with version 1.25.7, released on January 7, 2022, which again supports Windows Vista, Windows 7 and Windows 8/8.1.

Continue reading

Posted in Software | Tagged | Leave a comment

Honda and Acura also had a Year 2K22 bug

Posted on 2022-01-09 by guenni

[German]I've reported already about the Year 2K22 bug, which disturbed Microsoft Exchange or the Sonicwall E-Mail Security Application on 1/1/2022. But also owners of a Honda or an Acura are annoyed by this bug, because the time of the navigation system jumps to Jan. 1, 2002.

Continue reading

Posted in issue, Software | Tagged , | Leave a comment

Windows: Issues with Expired Updates, Print jobs hangs, Forced restart after driver install

Posted on 2022-01-09 by guenni

Windows[German]Today a small collection of problems that have just come to my attention in the Windows environment. Windows 10 clients stumble across expired updates that cannot be installed because Microsoft has not removed them. Users are annoyed that Windows Update suddenly restarts their Windows 10 systems because a driver (HP Development Company, LP. system – 7.0.21.30155) was installed. And a case has come to my attention where print jobs remain in the print queue after printing under Windows Server 2019.

Continue reading

Posted in issue, Windows | Tagged , , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Attacks on VMWare Horizon servers with log4j vulnerability

Posted on 2022-01-08 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]The consequences of the vulnerability discovered in the JAVA library log4j at the end of 2021 are slowly becoming visible. The UK National Health Service (NHS) IT specialists observe that an unknown threat group is targeting VMWare Horizon servers with the log4Shell vulnerability in order to install web shells for future attacks.

Continue reading

Posted in Security | Tagged | Leave a comment

SonicWall: 2Y22 bug affects email security products

Posted on 2022-01-08 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]In early January 2022, Microsoft Exchange gave administrators a scare because of a Year 2022 bug. But SonicWall also has a Year 2022 problem with its email security appliance, as I mentioned here on the blog. On Jan. 1, 2022, certain features in products there went on strike. Now the vendor has acknowledged in an announcement that this bug is affecting its email security products.

Continue reading

Posted in Security, Software | Tagged , , | Leave a comment

RCE vulnerability – similar to log4j – discovered in H2 (Java) database system

Posted on 2022-01-08 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Security researchers have discovered a remote code execution (RCE) vulnerability in the H2 database console that is reminiscent of the recently discovered JAVA vulnerability log4j. Meanwhile, the developers of the H2 database console have released a security update that closes this vulnerability.

Continue reading

Posted in Security | Tagged | Leave a comment

December 2021 security update KB5008212 kills Outlook Search

Posted on 2022-01-08 by guenni

Update[German]The security update KB5008212 distributed on December 14, 2021 for Windows 10 version 2004 to 21H2 has an unpleasant collateral damage. Anyone who has installed the update may find that Outlook Search no longer works afterwards. Microsoft has now acknowledged this problem. Here are some hints on the topic.

Continue reading

Posted in issue, Office, Update | Tagged , , | Leave a comment

Edge 97.0.1072.55

Posted on 2022-01-07 by guenni

Edge[German]Microsoft has updated to January 6, 2022 and the browser to version 97.0.1072.55. This is a new development branch, which brings some innovations, but also closes security holes. Here is a brief overview of what changes with the update.

Continue reading

Posted in browser, Security, Software, Update | Tagged , , | Leave a comment