[German]The ZLoader banking Trojan is on the rise again. A new ZLoader malware abuses Microsoft's digital signature verification to spread. The goal is to steal user data from thousands of victims from 111 countries. Security experts from Check Point suspect that the MalSmoke group is behind it. Evidence of a new campaign was discovered in November 2021.
[German]Google has released an update to Google Chrome 97.0.4692.71 for Windows, Mac and Linux (and version 97.0.4664.104 for Android) as of January 4, 2022. It's an update to a new development branch that closes vulnerabilities. Here's a quick overview.
[German]On January 4, 2022 (first Tuesday of the month, Office Patchday), Microsoft releases non-security updates for still-supported versions of Microsoft Office. This month, however, there is only one update for Microsoft Office 2016. Here is a brief overview.
[German]Microsoft has released a special update (out of band update) for Windows Server on January 4, 2022. This is supposed to eliminate massive problems that can occur with remote desktop connections. The problem actually affects all Windows Server versions, but updates are not available for all variants.
[German]Vendor VMware has issued a security alert for vulnerability CVE-2021-22045 as of January 4, 2022. This vulnerability, located in the CD-ROM driver, threatens the security of VMware Workstation, Fusion and ESXi Server through a heap overflow. However, updates are available to close this vulnerability. In addition, as a workaround, the CD-ROM feature can be disabled. Here is some information on this.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]It is almost unbelievable what can be hidden behind Windows functions and commands. The format command for formatting disks, which has been available in the command prompt for ages, has a side effect. With a parameter the call of an arbitrary DLL can be forced, which is then loaded from the search path. I could hardly believe this when it was brought to my attention.
[German]With the December 2021 security updates for Microsoft Office, vulnerabilities in the Microsoft Jet Red Database Engine and in the Access Connectivity Engine have been fixed. Subsequently, however, Access databases can only be edited by one person. In the meantime there are first correction updates. Here is a short summary about the current status.
As a reminder, legacy services for BlackBerry 7.1 OS and earlier versions, BlackBerry 10 software, BlackBerry PlayBook OS 2.1 and earlier versions will no longer be available starting January 4, 2022. After that date, devices running these legacy services and software over carrier or Wi-Fi connections will no longer work reliably, including for data, calls, SMS and emergency call functions. The manufacturer points this out in this post.
[German]A quick information/question for the administrators who have a SonicWall email security appliance in use. Do you have error messages in the log files since 1/1/2022 that indicate a date error? I guess the firmware has the same problem as Microsoft Exchange, that a date conversion leads to an overflow.
[German]Microsoft has now delivered a temporary fix for the year 2022 bug that prevents (on-premises) Exchange Servers to transport mails since January 1, 2022. Since I expect that Monday, Jan. 3, 2022, some people will discover that Exchange Server is "broken," I'm summarizing everything worth knowing again in this addendum.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
