[German]Security researchers from Forescout have discovered 13 critical vulnerabilities in the Nucleos RTOS (Real Time OS) operating system, which is used by Siemens in industrial control systems and in medical devices. Some of the vulnerabilities have a CVSS score of 9.8, and US CISA is warning about the vulnerabilities. However, security updates to close these vulnerabilities are already available.
[German]On November 9, 2021 (second Tuesday of the month, Patchday at Microsoft), Microsoft has also released a cumulative update for Windows 11, which was released on October 5, 2021. The update is supposed to fix various issues (including performance issues with AMD CPUs, Explorer issues, etc.). Here are some details about this update.
[German]On November 9, Microsoft released security updates for Windows clients and servers, for Office, Exchange, etc. – as well as for other products – were released. Microsoft warns that vulnerabilities in Exchange and Excel are being exploited. Below is a compact overview of these updates released on Patchday.
[German]On November 9, Microsoft has released various updates for Windows 7 SP1 systems that are still in ESU support. Also with ESU Bypass v11 the whole thing still works. But these security updates are also available for Windows Server 2008 R2 with ESU support. Here is some information about the Monthly Rollup and Security only updates for this operating system.
[German]On November 9, Microsoft released various updates for Windows 8.1. However, these security updates are also available for Windows Server 2012 R2. Here is some information on the Monthly Rollup and Security only updates for these operating systems.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]For administrators of Exchange Server 2013, 2016 and 2019, Microsoft has released the security updates for the current month as of November 9, 2021. Most relevantly, a Remote Code Execution (RCE) vulnerability CVE-2021-42321 is closed (was exploited at the Tianfu 2021 hacker contest). This is already being exploited by attackers in the wild – albeit on a limited scale – so prompt installation of the November 2021 security updates is advised.
[German]The U.S. company Robinhood Markets has confirmed a privacy incident involving the personal data of about 7 million customers. That's about a third of its users. Among other things, a cyberattacker captured emails, which could lead to follow-up attacks on Robinhood customers. The cyberattacker attempted to extort the company after gaining access to email addresses and more through social engineering of a customer service representative.
[German]On November 9, 2021 (second Tuesday of the month, Patchday at Microsoft), various cumulative updates for the supported Windows 10 builds (from RTM version to the current version 21H1) were released. Here are some details about the respective patchday security updates.
[German]Microsoft has announced a new variant of Windows 11 called Windows 11 SE for November 9, 2021. This Windows 11 variant is supposed to be specially designed for low-cost educational PCs and offers optimizations for low-end hardware. I had already speculated about this move by Microsoft a few days ago – which has now been so confirmed.
[German]Support for Windows 7 SP1 and Windows Server 2008 R2 expired on January 14, 2020. However, Microsoft had provided a paid Extended Security Update Support for the two operating systems, which provides updates until January 10, 2023. Now it has been announced that Microsoft is extending this ESU support for Windows Server 2008 R2 for another year.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
