[German]Router manufacturer MikroTik has published a security advisory on how to protect its devices against a takeover by the Meris botnet. The Meris gang exploits the CVE-2018-14847 vulnerability, discovered in 2018 and patched long ago, to take over devices and then abuse them for DDoS attacks. Here is some information about it.
[German]Security researchers from Lumen's Black Lotus Labs have come across several malware samples that can infect the Windows subsystem for Linux and then switch to the native Windows environment. Experts had outlined this scenario back in 2017. Thus, the Microsoft WSL implementation creates a new attack surface for malware developers. Here's some information on the topic.
[German]Small news from the world of computer technology: The inventor and entrepreneur Sir Clive Marles Sinclair died yesterday, September 16, 2021 in London, at the age of 81. Born near Richmond on July 30, 1940, the British inventor is considered, among other things, the father of the Sinclair ZX81 and ZX Spectrum computers that were popular in the 1980s.
[German]The developers of the Thunderbird email client have released Thunderbird 91.1.1 as of September 16, 2021. This is a maintenance and security update for the 91 development branch, which makes minor fixes.
[German]Microsoft has released a security advisory for the Edge browser as of September 16, 2021, updating the browser to version 93.0.961.52. The update also closed the CVE-2021-30633 vulnerability, which is actively exploited, according to the release notes. The browser should be updated automatically, but can also be downloaded here. (via)
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]That's it for Windows 11 – at least with older hardware, if I'm right. If the hardware requirements already caused head shaking and unstoppable enthusiasts were looking for ways to install the operating system on machines that did not meet the requirements, this will now be blocked. In the latest Insider Build, Microsoft makes a TPM 2.0 and secure boot mandatory for virtual machines to run Windows 11.
[German]Hope for victims of REvil/Sodinokibi ransomware attacks who have lost access to encrypted data. Security vendor Bitdefender has succeeded in developing a universal REvil decryptor in cooperation with law enforcement agencies. The REvil Decryptor helps with all files that were encrypted by July 13, 2021. The tool is available free of charge.
[German]Microsoft has announced a new Office 2021 (as well as an LTSC version) for the 2nd half of 2021. The LTSC version of Microsoft Office is available now. The Office 2021 version, on the other hand, is scheduled for release to business customers and consumers on October 5, 2021. Here is some information about these products.
[German]The vulnerability CVE-2021-40444 in the Windows MSHTML library has been known public since September 7, 2021. Actors attempt to attack Windows machines via this vulnerability using manipulated Office files. As of September 14, 2021, Microsoft has addressed the vulnerability in Windows security updates. In addition, I have new analysis on the vulnerability. As a follow-up to Patch day, here is a summary of the current state of affairs.
[German]For months, a number of vulnerabilities in the Windows Print Spooler service, which are summarized under the term PrintNightmare, have existed in all Windows versions. Microsoft has been trying to close the vulnerabilities completely since July 2021 to no avail. New problems occur after every patch. At patchday on September 14, 2021, there was another PrintNightmare fix, but it poses problems again. Here is a brief overview of the state – we can say: For some users it's a new desaster, because the printer won't work after update.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
