[German]In all Windows versions, including Windows 11 and Windows Server 2022, there is an unpatched Local Privilege Escalation vulnerability. This should have been patched since August 2021, but the security update in question did not close the vulnerability completely. Fortunately, the damage is limited, as exploitability is not very easy.
[German]In the night of October 31, 2021, clocks in Europe will be changed back to winter time (standard time). Currently WordPress is still running on daylight saving time. I have now noticed a small problem when scheduling publications. I wanted to schedule a post for 11/1/2021 at 0:10am and uploaded it to the blog using an external tool. In the dashboard, the post appeared to publish on 10/31/2021 at 11:10pm. Thought at first that I had set the wrong date, until it occurred to me that the winter time changeover by WordPress is still unaccounted for. I then scheduled the post for 11/1/2021 at 1:10am, so the dashboard then shows the publish date as 11/1/2021 at 0:10am. On 10/31/2021, the publish time will probably change to 1:10am.
[German]There may be good news for victims of AtomSilo, Babuk and LockFile ransomware. Antivirus vendor Avast has managed to decrypt files encrypted by these malware. In response, the company has released a free decryptor (decryption utility) that victims can use to attempt to decrypt the encrypted document.
[German]Users of a QNAP NAS system should check the device's firmware for updates. Several versions of the QTS operating system and QuTS hero Edition have a vulnerability in the media streaming add-on that is rated as High. In the meantime, QNAP has provided corresponding updates and advises customers to install the affected security patches.
[German]After all, the REvil ransomware gang is notorious for many cyber attacks. After its infrastructure was dismantled by law enforcement, the group disappeared, came back, and disappeared again. But who are the masterminds or backers of this group. German investigators have now managed to identify a leading member of the core group – now a millionaire – behind the infamous Revil malware in Russia.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]The German based automotive supplier Eberspächer has probably fallen victim to a successful cyber attack on its IT systems. This was confirmed by the company on October 26, 2021, without disclosing any further details. However, since the workforce has been put on short-time work in the meantime, I assume it was a successful ransomware attack.
[German]It looks like the last few days devices from Acer, Lenovo etc. with Windows suddenly refuse to boot with "no bootable device". The cause is not quite clear yet – it could have been a Windows update. Furthermore, it seems that a BIOS update may have reset some settings. Therefore, I would like to ask if anyone else has made the same observations and can say something about the cause.
[German]As of October 12, 2021, the first cumulative updates for Windows 11 have been released, and even though Microsoft has said that machines that do not meet the minimum requirements may not receive updates, many users have reported that such machines have installed the updates without any problems. But a case has been reported to me by a blog reader where Windows 11 guests in Hyper-V can't install updates.
[German]I'm posting a reader's observation about Windows 10 here for information and discussion on the blog. The October 2021 security updates have caused one of my German blog readers to notice that certain features in Windows 10 no longer works.
[German]There is a new vulnerability in the WordPress plugin Ninja Forms that affects all versions up to 3.6.3. An SQL injection is potentially possible via the vulnerability, so that database queries via input fields are conceivable. The plugin provider released version 3.6.4 two days ago.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
