[German]Small addendum from this week, as Microsoft has released two preview updates (KB500562, KB5005625) for Windows 10 (Enterprise/Education and Server variants of 1809 and 1909) as of Sept. 21, 2021. The preview updates are optional and are intended to fix various issues. Here is an overview of this update.
[German]The European Commission has announced a legislative proposal by September 23, 2021 to tackle the problem of e-waste caused by different charging interfaces on electronic devices. The move seems necessary after the industry worked for years on a voluntary approach but could only reduce the number of charging interfaces from 30 to 3 variants. The unified charging interface is likely to come.
[German]A command injection vulnerability exists in the web server of some Hikvision products due to insufficient input validation. Unauthorized persons could send messages with malicious commands to the web server via this vulnerability. The manufacturer has provided a firmware update to close this vulnerability. OEMs such as ABUS and TRENDnet are also affected.
[German]Security researchers at Guardicore have discovered a design flaw in Microsoft Exchange autodiscover protocol that allows attackers to use external autodiscover domains to harvest domain credentials. This is possible because autodiscover domains outside the user's domain (but still in the same TLD) can be abused. Here are some details about this flaw.
[German]Since the patchday of September 14, 2021, when further security updates to close the PrintNightmare vulnerabilities are delivered, there are massive problems with network printers in some environments. The background is that Microsoft implemented certain security measures in August and September 2021. This post reflects the status as of September 22, 2021 and summarizes solutions as well as workarounds to resolve printing issues from various posts here on the blog.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Google has released the stable version of Google Chrome 94.0.4606.54 for Windows, Mac and Linux on September 21, 2021. It is a security update that closes 19 vulnerabilities. Here's a quick overview of what to expect from the update. Continue reading
[German]Adobe has released a security update for Adobe Acrobat (Reader) DC to version 21.005.20091 on September 14, 2021, which is intended to eliminate critical errors. The problem with this is that on some systems, Adobe Reader DC 21.007.20091 cannot be used afterwards because it crashes with error 0xc0000142. I don't have a solution yet, but pull together some information. Addendum: Added more information on September 29, 2021.
[German]For patchday on September 14, 2021, Microsoft has released security updates for the supported Windows systems, which should also eliminate further PrintNightmare vulnerabilities. However, these updates cause problems so that network printers can no longer be controlled. In some cases, a simple workaround might help without having to uninstall the security update.
[German]Healthcare facilities are likely to be the main target of ransomware attacks in 2020, as Unit 42 of security firm Palo Alto Networks found out and published in a Thread report. It is believed that cyber criminals targeted the facilities more because healthcare facilities were under tremendous pressure due to the influx of COVID-19 patients. Palo Alto Networks has therefore compiled ten approaches for better protection in this area. Continue reading
[German]For months, a number of vulnerabilities in the Windows Print Spooler service have existed in all versions of Windows, collectively known as PrintNightmare. Microsoft has been trying in vain to close the vulnerabilities completely since July 2021, but is having problems. The updates released for patchday on September 14, 2021 also cause problems, which Microsoft has now partially acknowledged. There is the advice to update the printer driver to be able to print again.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
