[German]ecurity researchers had recently disclosed a new attack vector called PetitPotam. By means of an NTLM relay attack, any Windows domain controller can be taken over by attackers. ACROS Security has now presented the second free 0Patch solution for different Windows Server versions, which prevents the exploitation of the vulnerability.
[German]Microsoft has released Windows Server 2022 LTSC on August 18, 2021 (according to my post Future Windows Server versions will only be available as LTSC, only LTSC versions with 10 years of support will be released). The ISO is available for download from the Visual Studio Subscription Center. The new features of Windows Server 2022 were already presented here in June. An overview of the features of the different versions can be found on this Microsoft page. The colleagues from deskmodder.de have linked the ISO installation files here. Blog readers also pointed out in a comment that there are 180-day evaluation versions here.
[German]Synology has issued a security warning for its DiskStation Manager (version <6.2.4-25556-2 ; 7.0). There are several security vulnerabilities in the firmware of the devices. UC SkyNAS units are also at risk. Synology has already issued the first firmware updates. There is a new variant of the ransomware eCh0raix that can exploit a new bug in QNAP and Synology NAS devices.
[German]Small reminder for users and administrators of Internet Explorer 11. As of August 17, 2021, support for this browser in Microsoft 365 apps and services has ended.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]The developers of the Thunderbird email client released Thunderbird 91 a week ago (only available as a download and not as an update). Now a maintenance and security update to version 91.0.1 has been released as of August 17, 2021.
[German]Google has released Google Chrome 92.0.4515.159 for Windows, Mac and Linux as of August 16, 2021. It is a maintenance update that fixes 9 vulnerabilities, many assigned a priority of High, in older browser versions. The Android version improves stability.
[German]The Mozilla developers had only released version 91.0.0 (including the ESR version) on August 10, 2021, but now had to postpone the 91.0.1 update of the Firefox browser to October 17, 2021. The version 91.0.1 is a maintenance update, which should fix bugs.
[German]Another small addendum about Windows 10 and the integration of the Servicing Stack Updates (SSUs) into current Cumulative Updates (LCUs). Due to massive problems with the installation of the cumulative updates from June and July 2021, Microsoft has released a separate SSU for August. And it seems that they have started to integrate that SSU into the cumulative updates for Windows 10 version 1909 as well.
[German]Another brief information for administrators in the enterprises. Microsoft enables SMB signing for the relevant network protocol. This is to ensure the security of the communication. However, the whole thing is probably a bit complex, if I interpret this correctly. Now there is a Techcommunity contribution, where one takes up the topic from Microsoft and treats the trustworthy configuration of a SMB signing.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
