[German]There is a vulnerability in the kernel of all popular Linux distributions that researchers from SentinelLabs made public a few days ago. A TIPC module in all common Linux distributions can be exploited by heap overflow attacks that can lead to a system takeover. Attackers can compromise the entire system as a result. However, a patch is available for most distributions.
[German]Microsoft has release various security updates on November 9, 2021 patchday. Beside the already known printing issues caused by previous updates, there are now authentication problems with domain controllers (DCs) in certain Kerberos delegation scenarios. Probably leads to entries in the log files. Some administrators also report that their WSUS cannot pull all updates.
[German]On November 9, 2021 (second Tuesday of the month, Microsoft Patchday), Microsoft has released several security-related updates for still supported Microsoft Office versions and other products. Especially for Microsoft Excel a security update is important because a vulnerability is exploited. Here you can find an overview of the available updates.
The developers have released WordPress 5.8.2 on November 10, 2021. This maintenance and security update fixes a security issue and 2 bugs. The changed files are described here. Here in the blogs the update to the new version was executed without any problems.
[German]Security researchers from Forescout have discovered 13 critical vulnerabilities in the Nucleos RTOS (Real Time OS) operating system, which is used by Siemens in industrial control systems and in medical devices. Some of the vulnerabilities have a CVSS score of 9.8, and US CISA is warning about the vulnerabilities. However, security updates to close these vulnerabilities are already available.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]On November 9, 2021 (second Tuesday of the month, Patchday at Microsoft), Microsoft has also released a cumulative update for Windows 11, which was released on October 5, 2021. The update is supposed to fix various issues (including performance issues with AMD CPUs, Explorer issues, etc.). Here are some details about this update.
[German]On November 9, Microsoft released security updates for Windows clients and servers, for Office, Exchange, etc. – as well as for other products – were released. Microsoft warns that vulnerabilities in Exchange and Excel are being exploited. Below is a compact overview of these updates released on Patchday.
[German]On November 9, Microsoft has released various updates for Windows 7 SP1 systems that are still in ESU support. Also with ESU Bypass v11 the whole thing still works. But these security updates are also available for Windows Server 2008 R2 with ESU support. Here is some information about the Monthly Rollup and Security only updates for this operating system.
[German]On November 9, Microsoft released various updates for Windows 8.1. However, these security updates are also available for Windows Server 2012 R2. Here is some information on the Monthly Rollup and Security only updates for these operating systems.
[German]For administrators of Exchange Server 2013, 2016 and 2019, Microsoft has released the security updates for the current month as of November 9, 2021. Most relevantly, a Remote Code Execution (RCE) vulnerability CVE-2021-42321 is closed (was exploited at the Tianfu 2021 hacker contest). This is already being exploited by attackers in the wild – albeit on a limited scale – so prompt installation of the November 2021 security updates is advised.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
