CERT warning: Compromised Exchange servers are misused for email attacks (Nov. 2021)

Sicherheit (Pexels, allgemeine Nutzung)[German]Security researcher, and the Federal Office for Information Security (BSI), and CERT-Bund have issued a warning. These organizations are currently (Nov. 2021) observing a significant increase in e-mail attacks. The two organizations assume that these e-mails are sent from compromised Exchange servers. Malware (Qakbot etc.) is being sent with the emails.

Continue reading

Posted in Security, Software | Tagged , | Leave a comment

14 Vulnerabilities in BusyBox

Sicherheit (Pexels, allgemeine Nutzung)[German]Security researchers from JFrog and Claroty Team82 have found 14 vulnerabilities in the popular BusyBox tool. All vulnerabilities were confidentially reported to the developer of BusyBox and fixed in version 1.34.0, which was released on August 19. The vulnerabilities could have been exploited for at least a Denial of Service (DoS) attack. However, in rarer cases, information leaks and possibly remote code execution would have been possible.

Continue reading

Posted in Linux, Security | Tagged , | Leave a comment

Windows 11: Microsoft enforces Edge browser in several protocols, bricks EdgeDeflector

Windows[German]As if there had never been antitrust proceedings against Microsoft in USA and European Union, Redmond is currently massively stretching the limits in Windows 11 when it comes to thwarting the browser competitor. Microsoft Windows 11, as of build 22494, appears to prevent links in some protocols associated of the Microsoft Edge browser from being managed by third-party applications. It's a change that one developer is calling anti-competitive. It's about time the EU's competition commissioner shall be active. Here's a quick look at the facts of the case.

Continue reading

Posted in browser, Windows | Tagged , | 5 Comments

Windows PrintNightmare printing issues: Server loses settings, Error while printing (Nov 11, 2021)

Windows[German]The printing issues in Windows collected under the name PrintNightmare, caused by Windows updates, do not come to an end. Even after the November 2021 patchday (Nov. 9), Microsoft admits to printing issues. Further, an administrator has asked if other admins are observing Windows Server 2019 losing default printer settings. And there's a workaround to use network printers struck by PrintNightmare after all. Here's a quick overview of this hodgepodge.

Continue reading

Posted in issue, Update, Windows | Tagged , , , | 3 Comments

Vulnerability in Linux Kernel

Sicherheit (Pexels, allgemeine Nutzung)[German]There is a vulnerability in the kernel of all popular Linux distributions that researchers from SentinelLabs made public a few days ago. A TIPC module in all common Linux distributions can be exploited by heap overflow attacks that can lead to a system takeover. Attackers can compromise the entire system as a result. However, a patch is available for most distributions.

Continue reading

Posted in Linux, Security | Tagged , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...


November 2021 Patchday issues: WSUS, DC, Events

Update[German]Microsoft has release various security updates on November 9, 2021 patchday. Beside the already known printing issues caused by previous updates, there are now authentication problems with domain controllers (DCs) in certain Kerberos delegation scenarios. Probably leads to entries in the log files. Some administrators also report that their WSUS cannot pull all updates.

Continue reading

Posted in issue, Security, Update, Windows | Tagged , , , | 6 Comments

Patchday Microsoft Office Updates (November 9, 2021)

Update[German]On November 9, 2021 (second Tuesday of the month, Microsoft Patchday), Microsoft has released several security-related updates for still supported Microsoft Office versions and other products. Especially for Microsoft Excel a security update is important because a vulnerability is exploited. Here you can find an overview of the available updates.

Continue reading

Posted in Office, Security, Update | Tagged , , , | Leave a comment

WordPress 5.8.2 released

The developers have released WordPress 5.8.2 on November 10, 2021. This maintenance and security update fixes a security issue and 2 bugs. The changed files are described here. Here in the blogs the update to the new version was executed without any problems.

Posted in Security, Software | Tagged , | Leave a comment

Critical vulnerabilities in Siemens Nucleos RTOS

Sicherheit (Pexels, allgemeine Nutzung)[German]Security researchers from Forescout have discovered 13 critical vulnerabilities in the Nucleos RTOS (Real Time OS) operating system, which is used by Siemens in industrial control systems and in medical devices. Some of the vulnerabilities have a CVSS score of 9.8, and US CISA is warning about the vulnerabilities. However, security updates to close these vulnerabilities are already available.

Continue reading

Posted in Security | Tagged | Leave a comment

Patchday: Windows 11 Updates (November 9, 2021)

Windows[German]On November 9, 2021 (second Tuesday of the month, Patchday at Microsoft), Microsoft has also released a cumulative update for Windows 11, which was released on October 5, 2021. The update is supposed to fix various issues (including performance issues with AMD CPUs, Explorer issues, etc.). Here are some details about this update.

Continue reading

Posted in Security, Update, Windows | Tagged , , , | Leave a comment