[German]It's the end of August 2021, and vulnerabilities in the Windows Print Spooler service, collectively known as PrintNightmare, continue to cause problems for administrators. There were security updates for the August 2021 patchday, but they offer more problems than solutions. Therefore, here is a summary as of the end of August 2021.
[German]Victims of the Ragnarok ransomware, whose data was encrypted during an attack, can hope again. After the cyber-criminal has just ceased its operations, the master decryptor key has been published. With it, the encrypted files should be able to be restored.
[German]Microsoft has released an optional cumulative (preview) update KB5005103 for Windows 10 version 1909 (Enterprise, Education, IoT) as of August 26. The update fixes various issues with OneDrive and with the Movie and TV apps. Here is an overview of this update.
[German]Heavy blow for users of the Microsoft Azure cloud if a Cosmos DB is involved (the DB stands for Data Breach, just no one has noticed yet). There was a severe vulnerability (now closed) that allowed attackers to take over the database. Microsoft must have started notifying affected Azure customers.
[German]At the end of the month August 2021, OSRAM is shutting down its Lightify cloud service. Users who use the Lightify lights will have to take action before August 31, 2021, to keep the bulbs still working and avoiding to sitting in the dark. Here are a few details about the matter.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Synology has issued a security warning for its products as of August 26, 2021. Multiple vulnerabilities allow remote attackers to perform denial-of-service attacks or execute arbitrary code via a vulnerable version of Synology DiskStation Manager (DSM), Synology Router Manager (SRM), VPN Plus Server or VPN Server. Currently, no product updates seem to be available yet.
[German]Microsoft has published two documents with Security Update Releases and Security Update Revisions as of August 23, 2021. The Security Update Releases affect Chromium browsers such as Edge, and identify vulnerabilities that have been patched. The Security Update Revisions concern various software products such as the .NET Framework. I'm just posting the information on the blog without comment.
[German]I have reported several times on attacks on unpatched on-premises Exchange servers using the ProxyShell method in the blog. Now Microsoft has commented on this in an article and indicates which systems are at risk. In addition, I have received further information from HurricaneLabs, which administrators should be on the lookout for with regard to an infection. Therefore, a summary of the state of affairs once again.
[German]Security researchers at IoT Inspector have found multiple vulnerabilities in a Realtek SDK that allow unauthenticated attackers to fully compromise a device and execute arbitrary code with the highest privileges. The SDK is used by many OEMs to implement WiFi features in devices. Realtek has released an updated version of the SDK, but the code is in numerous IoT devices. At least 65 manufacturers are affected by serious security vulnerabilities, and users face the problem that these devices can be taken over by botnets and attackers.
[German]The developers of the Thunderbird email client have already released another bug fix update on August 26, 2021 (version 91 is still dewy, on August 17, 2021 there was a maintenance and security update to version 91.0.1 and on 8/23/2021 version 91.0.2). Apparently there is no real testing going on anymore. Continue reading
MVP:
2013 – 2016
WIMVP:
2017 – 2020
