Patch day recap Sept. 2021: Update on MSHTML vulnerability CVE-2021-40444

Posted on 2021-09-17 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]The vulnerability CVE-2021-40444 in the Windows MSHTML library has been known public since September 7, 2021. Actors attempt to attack Windows machines via this vulnerability using manipulated Office files. As of September 14, 2021, Microsoft has addressed the vulnerability in Windows security updates. In addition, I have new analysis on the vulnerability. As a follow-up to Patch day, here is a summary of the current state of affairs.

Continue reading

Posted in Office, Security, Update, Windows | Tagged , , , , , | Leave a comment

Patchday Sept. 2021 Review: New PrintNightmare fix, new issues, new desaster?

Posted on 2021-09-16 by guenni

Windows[German]For months, a number of vulnerabilities in the Windows Print Spooler service, which are summarized under the term PrintNightmare, have existed in all Windows versions. Microsoft has been trying to close the vulnerabilities completely since July 2021 to no avail. New problems occur after every patch. At patchday on September 14, 2021, there was another PrintNightmare fix, but it poses problems again. Here is a brief overview of the state – we can say: For some users it's a new desaster, because the printer won't work after update.

Continue reading

Posted in issue, Security, Update, Windows | Tagged , , , , , , | Leave a comment

Microsoft accounts support passwordless login

Posted on 2021-09-16 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Microsoft now supports passwordless logins to Microsoft accounts. The company announced this in a blog post on September 15, 2021. This should make it possible to log in to Windows, Office or other Microsoft services via the Authenticator app without entering a password. Microsoft wants to increase the security of the systems with this step.

Continue reading

Posted in Security | Tagged | Leave a comment

Patchday Microsoft Office Updates (September 14, 2021)

Posted on 2021-09-16 by guenni

Update[German]On September 14, 2021 (second Tuesday of the month, Microsoft Patchday), Microsoft has released several security-related updates for still supported Microsoft Office versions and other products. Here is an overview of the available updates.

Continue reading

Posted in Office, Security, Update | Tagged , , , | 1 Comment

Registration open for Microsoft's Ignite 2021

Posted on 2021-09-15 by guenni

[German]Microsoft will hold its Ignite 2021 conference from November 2 to 4, 2021. Microsoft Ignite is an annual conference for developers and IT experts. Because of the coronavirus pandemic, everything takes place as a digital online event, and access is free. Registration is now open.

Continue reading

Posted in General | Tagged | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Adobe Acrobat (Reader) DC 21.007.20091

Posted on 2021-09-15 by guenni

[German]Adobe has released a security update for Adobe Acrobat (Reader) DC to version 21.005.20091 on September 14, 2021, which is intended to patch vulnerabilities considered critical and important according to APSB21-55. The release notes contain the download addresses for the Windows and macOS installers, as well as notes on what (important) bugs have been fixed. (via)

Posted in Security, Software, Update | Tagged , | Leave a comment

Patch Microsoft Azure vulnerabilities OMIGOD in Linux VMs

Posted on 2021-09-15 by guenni

[German]Those responsible for Linux VMs under Microsoft Azure need to react immediately. Management agents have been silently installed, that have RCE and LPE vulnerabilities. The vulnerability, called OMIGOD, must be patched manually because there is no Azure update mechanism.

Continue reading

Posted in Cloud, Linux, Security, Update | Tagged , , , , | Leave a comment

Patchday: Updates for Windows 7/Server 2008 R2 (September 14, 2021)

Posted on 2021-09-15 by guenni

Update[German]On September 14, Microsoft has released various updates for Windows 7 SP1 systems that are still in ESU support. Also with ESU Bypass v11 the whole thing still works. But these security updates are also available for Windows Server 2008 R2 with ESU support. Here is some information about the Monthly Rollup and Security only Updates for this operating system.

Continue reading

Posted in Security, Update, Windows | Tagged , , , , | Leave a comment

Patchday: Windows 8.1/Server 2012 Updates (September 14, 2021)

Posted on 2021-09-15 by guenni

Windows[German]On September 14, Microsoft released various updates for Windows 8.1. However, these security updates are also available for Windows Server 2012 R2. Here is some information on the Monthly Rollup and Security only updates for these operating systems.

Continue reading

Posted in Security, Update, Windows | Tagged , , , , | 4 Comments

Patchday: Windows 10-Updates (September 14, 2021)

Posted on 2021-09-15 by guenni

Windows[German]On September 14, 2021 (second Tuesday of the month, Patchday at Microsoft), several cumulative updates were released for the supported Windows 10 builds (from the RTM version to the current version 21H1). Among other things, there are patches against the MSHTML vulnerability and another PrintNightmare fix. Here are some details about the respective patchday security updates.

Continue reading

Posted in Security, Update, Windows | Tagged , , , | Leave a comment