[German]VMware has released security updates to address vulnerabilities in several products. An attacker could exploit some of these vulnerabilities to take control of an affected system. VMware vRealize Operations, VMware Cloud Foundation and vRealize Suite Lifecycle Manager are affected. US-CERT has already issued an advisory and is telling people to look at the security advisories in question.
[German]Microsoft has released an update for Windows 10 version 2004, 20H2 and 21H1 as of August 24, 2021. This update should correct the error 0x800F0984 (PSFX_E_MATCHING_BINARY_MISSING), which prevents the installation of updates under Windows 10. After all, the error has been dragging itself through various Windows 10 versions (from version 2004) sinceMay 2021. Here are some notes about this optional update, which is not offered via Windows Update.
[German]After the Razer case, the next clunker has now come to light. After it became known that standard users can become administrators with Razer mice via the driver installation, a security researcher took a closer look at the SteelSeries device software. SteelSeries' software also allows any standard user to gain administrative privileges under Windows with just a few mouse clicks. Here some information about this new security case.
[German]On August 20, 2021, Microsoft published recommendations on the subject of virus protection for on-premises Microsoft Exchange Servers. Recommendations are also given there regarding the exclusion of certain folders from virus scanning. On the other hand, we are experiencing waves of attacks on Exchange Servers via vulnerabilities such as ProxyShell and ProxyLogon. The attackers then deposit a WebShell on the infected Exchange systems. Therefore, it is reasonable to ask whether Microsoft's recommendations are good advice.
[English]On August 24, 2021, the Mozilla developers have already released version 91.0.2 as a maintenance update of the Firefox browser. According to the release notes, there are only two bug fixes. High contrast mode is no longer enabled by default when "Increase contrast" is enabled in macOS preferences. Firefox no longer deletes authentication credentials when trackers are deleted to avoid repeatedly asking for a password. The new Firefox can be updated via update in the browser or downloaded from this website for various platforms (the variant is to be selected via the displayed list boxes). (via)
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Insiders know that software often has a so-called killswitch that shuts it down remotely. With Microsoft and other manufacturers, the activation can be reset and the user is left in the dark. Or a security feature like Secure Boot could be used for such purposes. Samsung also offers the possibility to remotely turn off TVs worldwide. The feature is called TV Block, and it recently came to light.
[German]The encryption method StartTLS, which can be used in network communication, especially for e-mails, has a number of vulnerabilities that make it possible to break open communication by stealing access data, for example. This was already proven by German security researchers at the beginning of August 2021.
[German]I've been waiting for something like this to happen for a while now. Misconfigured Microsoft Power Apps exposed 38 million records of sensitive data. Forty-seven government agencies and companies are affected, as security researchers at UpGuard discovered in May 2021 and have now disclosed.
[German]Microsoft has an extension (add-on) for the Edge browser that allows access to various Outlook services (hotmail.com or outlook.com) such as Mail, Calendar, Teams, etc. directly in the browser.
[German]The developers of the Thunderbird email client have recently released version 91 (only available as a download and not as an update). Now, a maintenance and security update to version 91.0.1 has been released on August 17, 2021, and version 91.0.2 on August 23, 2021.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
