[German]The critical vulnerability CVE-2021-44228 in the JAVA library log4j, which became known a few days ago, threatens millions of software products. For many server products, users can do little. However, I would like to recommend a closer look to administrators of VMware products, because the manufacturer indicates some virtualization products as affected by the vulnerability.
[German]Users who use the Minecraft game, which belongs to Microsoft, urgently need to update its client, which is written in JAVA. The background is that the log4j vulnerability CVE-2021-44228 also makes Minecraft servers vulnerable via Minecraft clients. The developer of Minecraft, Mojang, already announced this in a blog post over the weekend.
[German]Security researchers from Fortinet warned as early as December 6, 2021 that the Mirai-based botnet Moobot attacks vulnerabilities in the web servers of Hikvision camera systems. All it takes is sending a crafted instruction to the web server to inject commands and compromise the whole thing. The systems are then abused by the botnet for DDoS attacks.
[German]In Windows 11, there was a performance issue with certain NVMe SSDs. With certain random write operations, the throughput performance dropped up to 45% compared to Windows 10. The whole thing was discussed in forums on the Internet. After I picked up the whole thing on the blog, it also led to "not comprehensible" type discussions in the comments. Now, however, Microsoft seems to have addressed and fixed exactly this problem with one of the latest Windows 11 updates.
[German]CyberNews security researchers discovered a Desktop Services Store (DS_STORE) file left on a publicly accessible web server that belongs to Microsoft Vancouver. By analyzing the file, the investigations team was able to learn about the files hosted on the Microsoft Vancouver server, as well as several database dump files stored on the server. This flaw has been corrected, after CyberNews security researchers informed Microsoft.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]If you want to continue to have security updates for Windows 7 SP1, Windows Server 2008 and Windows Server 2008 R2 in 2022, you need the ESU package for the third year. Microsoft is now releasing the relevant keys for ESU 2022. A distributor, who already provided these ESU keys for the first and second year, provided me with the relevant information at the end of the week.
Alexa.com is a website of Alexa Inc – a subsidiary of Amazon, which has been providing website ranking for 25 years and is used to compare websites. Now the provider has announced that the Alexa.com site will be discontinued on May 1, 2022. No new subscriptions have been available since December 8, 2021. In addition to the announcement of the provider, the colleagues from Bleeping Computer have written something about it here.
[German]In these times of the coronavirus pandemic, many people are working from home offices. The increase in remote work requires new ways to keep track of employee performance and results. Problem is that if this is only done by counting keystrokes and measuring time at the desk. Unsurprisingly, a VMware study shows that employee monitoring measures can jeopardize trust in the company and increase turnover.
[German]Microsoft has updated the Edge browser to version 96.0.1054.53 as of December 10, 2021. The release notes only refer to the security page, where 14 vulnerabilities are listed as closed. The browser should be updated automatically, but can also be downloaded here. It is written here that Microsoft Edge should fight typosquatting and prevent users from entering a malicious website. In addition, according to this article, Microsoft has released a tool that is supposed to detect memory leaks in Edge. (via)
Bitdefender previously offered a free antivirus package, Bitdefender Antivirus Free Edition, for Windows. Now the provider announces that Bitdefender Antivirus Free Edition will be retiring. According to the colleagues at deskmodder.de, this is the case as of Jan. 1, 2022. However, support for existing users will continue until June 30, 2022.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
