Sept. 30, 2021: Will we see trouble with old Let's Encrypt certificates?

Posted on 2021-09-30 by guenni

[German]Do you run websites that are signed via Let's Encrypt certificates? Then there could possibly be problems on  September 30, 2021. This is because the root certificate used by Let's Encrypt to sign client certificates will lose its validity on this day (expiry of Intermediate R3 on 2021/09/29 at 19:21:40 GMT – the DST Root CA X3 expires on 2021/09/30 14:01:15 GMT). Clients that only know the old root certificates will not be able to verify Let's Encrypt server certificates after that. Addendum: We have seen issues.

Continue reading

Posted in Security | Tagged | 21 Comments

Amazon's newly introduced Astro Robot, a disaster?

Posted on 2021-09-29 by guenni

Amazon[German]As of September 28, 2021, Amzon has introduced a home robot that goes by the name of Astro. The aim of this device is to provide assistance in the home. Keywords are home monitoring and assistance in conjunction with a cloud service, AI and robotics. However, documents from the development have been leaked to people promptly, which show that the point of home monitoring is ridiculous, the Amazon Astro is the perfect bug to monitor people. Moreover, between the lines resonates that the quite expensive device is not fully developed, in the best case merely quickly broken, but in the worst case poses a risk to the residents of the house. Therefore, a short article that spans the arc between Amazon's marketing and the keywords security, reliability and privacy.

Continue reading

Posted in devices, Security | Tagged , , | 1 Comment

Exchange Server September 2021 CU (2021/09/28)

Posted on 2021-09-29 by guenni

Update[German]Microsoft has released the Exchange quarterly cumulative updates (CU) for September 2021, effective September 28. The quarterly cumulative updates (CUs) are available for Exchange Server 2016 and Exchange Server 2019. These CUs include fixes for customer-reported issues, all previously released security updates and a new security feature. Microsoft Exchange Emergency Mitigation Service is also introduced as a new feature.

Continue reading

Posted in Software, Update | Tagged , | Leave a comment

25 years of Sysinternals

Posted on 2021-09-29 by guenni

It's crazy: 25 years ago, Bryce Cogswell and Mark Russinovich started their Sysinternals tools. On October 14, 2021, there will therefore be a virtual anniversary event
25 Jahre Sysinternals

Posted in Software | Tagged | Leave a comment

Outlook.com: IMAP-XOAUTH2 login fails – some mail clients affected

Posted on 2021-09-29 by guenni

Mail[German]Microsoft seems to have recently changed the authentication for the IMAP protocol on its Outlook.com email service. It is no longer possible to use XOAUTH2, so some mail clients refuse to cooperate. Here is a brief overview of the situation.

Continue reading

Posted in issue, Software | Tagged , , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Thunderbird 91.1.2

Posted on 2021-09-28 by guenni

[German]The developers of the Thunderbird email client have released Thunderbird 91.1.2 on September 28, 2021. This is a maintenance and security update for the 91 development branch, which makes minor fixes.

Continue reading

Posted in Software, Update | Tagged , | Leave a comment

Microsoft is the most hated company in 22 countries

Posted on 2021-09-28 by guenni

[German]Redmond seems to be the most hated brand from the technology sector on this planet. That's the result of a review derived by Rave from many tweets about Big Tech gigants. They came to the conclusion that Microsoft has by far the worst rating of all companies from the big tech sector in 22 countries.

Continue reading

Posted in General | Tagged | 9 Comments

Tip: Windows PrintNightmare test tools for administrators

Posted on 2021-09-28 by guenni

Windows[German]Administrators may be faced with the problem of testing their machine inventory to determine if individual installations are vulnerable to the PrintNightmare vulnerabilities in Windows. Furthermore, it may be necessary to remove or add printers. Someone did the work and implemented some test tools in Python. The whole thing was then released on Github.

Continue reading

Posted in Windows | Tagged , | Leave a comment

Windows 10: 0patch fix for MSHTML vulnerability (CVE-2021-40444)

Posted on 2021-09-27 by guenni

Windows[German]The vulnerability CVE-2021-40444 in the Windows MSHTML library has been known since September 7, 2021. Attackers try to attack Windows machines via this vulnerability using manipulated Office files. There are security updates from Microsoft, but not for older Windows versions. ACROS Security provides 0patch solutions to secure Windows against the MSHTML vulnerability (CVE-2021-40444).

Continue reading

Posted in Security, Windows | Tagged , | Leave a comment

WordPress DSGVO Plugin from legalweb.io hacked

Posted on 2021-09-27 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]The GDPR plugin for WordPress from the provider legalweb.io has been hacked. WordPress installations that have used this plugin are considered compromised. Users are being redirected to malware sites. Here is a brief summary of what I am aware of so far, based on a reader's tip.

Continue reading

Posted in Security, Software | Tagged , | Leave a comment