[German]A critical vulnerability CVE-2021-44738 has been found in the PostScript interpreter of various Lexmark printers. The manufacturer warns about this vulnerability, which allows remote code execution, in a security advisory and provides a firmware update to close the vulnerability. Here is an overview of this vulnerability.
[German]Today another topic for administrators of Windows systems (Windows 10 and Windows 11) to which Microsoft has commented the days. It is about group policies that can be used in these clients to manage restrictions. At one point it looks like the group policies diverge between Windows 10 and Windows 11. Also, Microsoft recently explained which Group Policies should no longer be used for updates because the conditions have changed since Windows 10 version 1507.
[German]On January 20, 2022, the EU Parliament adopted the so-called Digital Service Act in its first reading. This will make online platforms and online marketplaces more accountable and more stringent in combating illegal content, goods and services, and disinformation. The issue of cookies is also addressed in this bill. Negotiations are now beginning on implementation by the member states.
[German]The year 2021 has already hit some administrators with security incidents. The log4j issue may not be off the table yet, and 2022 started with violent tremors for administrators (key words are the year 2022 bug in Exchange, as well as the January 11, 2022 patchday issues with Microsoft Windows). Jen Easterly, head of the U.S. federal government's Cybersecurity and Infrastructure Security Agency (CISA), called the log4j vulnerability the most serious bug she has seen in her decade-long career. The effects of log4j will be felt by IT, business and society in the coming months and possibly years. So security will continue to be an issue in 2022.
[German]McAfee Agent for Windows is vulnerable to privilege escalation due to a serious vulnerability, allowing program code to execute with Windows SYSTEM privileges. The vendor has since corrected the CVE-2022-0166 vulnerability, which was introduced into products such as McAfee Endpoint Security via an OpenSSL component. The same is true for the second code injection vulnerability, CVE-2021-31854.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Good news in terms of security and Office, because Microsoft finally plugs a gateway for malware by disabling the default support for Excel 4.0 macros. This mitigates an announced and long overdue vulnerability.
[German]WordPress users beware, there are again massive vulnerabilities in WordPress plugins and themes due to a supply chain attack on the provider AccessPress. In dozens of plugins and themes of this provider hackers have built backdoors to hack the sites and possibly take over data. And there is a WordPress HTML mail plugin with a vulnerability. Here is a brief overview.
[German]Microsoft has adjusted its machine learning programs so that machines running Windows 10 version 20H2 are now updated more broadly and automatically to Windows version 21H2. This is Microsoft's response to the fact that support for version 20H2 is about to expire, and it wants to ensure that the machines in question run on newer builds. Here is some information on this topic.
[Geman]The January 11, 2022 security updates for Windows Server 2012/R2 resulted in the Hyper-V host subsequently failing to start. As of January 17, 2022, Microsoft then released special updates to correct this issue. Here is a follow-up on this issue.
[German]Installing Windows 10 or Windows 11 in virtual environments can present some challenges. Depending on the hypervisor, the installation may even fail completely. Blog reader Thomas S. emailed me back in December 2021 with his experiences installing Windows 10 as well as Windows 11 under Microsoft's Hyper-V 2nd generation. I publsih his information here in the blog – maybe other readers can benefit from it.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
