[German]Security researchers have discovered the first zero-click vulnerability in an AI application. Unsurprisingly for me, this concerns Microsoft 365 Copilot. Attackers could use this vulnerability, known as EchoLeak, to force Microsoft 365 Copilot to exfiltrate data.
[German]I received reports in comments of my German blog, that users of Fujitsu systems are ending with bricked devices during installing the June 2025 security updates for Windows. Die Rechner starten nicht mal mehr ins BIOS/UEFI. Ursache ist wohl eine Aktualisierung der DBX-Records für den Secure Boot durch die Windows Updates. Lässt sich nur mit Tricks wieder korrigieren.
[German]The June 2025 security updates for Microsoft Office fixes critical vulnerabilities, but appear to cause serious problems for some users in corporate environments. Document files can no longer be opened in the Office applications. There are also reports of crashes and problems with Microsoft Outlook Classic. Addendum: Outlook crashes have been confirmed by Microsoft, there is a workaround.
[German]Brief addendum from June 10/11, 2025 – Microsoft fell a little short on Patchday (June 10) with its Windows 11 24H2 update KB5060842. Its installation caused problems for some users. The update was therefore withdrawn and the out-of-band update KB5063060 was pushed late in the evening on June 11, 2025.
[German]On June 10, 2025 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for Microsoft Office 2016, as well as the C2R variants (Office 2016-2021 and 365) and other products. This month, serious vulnerabilities in Office were closed. Below you will find an overview of the available updates.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]On June 10, 2025, Microsoft also patched the vulnerability CVE-2025-33073 with the security updates for Windows. This is a vulnerability in the Kerberos network protocol that was discovered by RedTeam Pentesting in January 2025. Below I disclose some information about the vulnerability that I received in advance from the discoverers. There are also notes for Windows administrators on what is relevant.
[English]On June 10, 2025 (second Tuesday of the month, Patchday at Microsoft) various cumulative updates were released for the supported versions of Windows Server. Below I have extracted the provided updates including some details for these Windows Server versions (from Windows Server 2012 to 2025).
[German]On June 10 (second Tuesday of the month, Patchday at Microsoft), Microsoft released cumulative updates for the still supported client operating system versions of Windows 10 and Windows 11. Here are some details about these updates, which are intended to fix vulnerabilities and problems.
[German]Microsoft released security updates for Windows clients and servers, Office and other products on June 10, 2025. The security updates eliminate 65 vulnerabilities (CVEs), two of which were classified as 0-day. One vulnerability has already been attacked. The following is a compact overview of the updates released on Patchday
[German]Acronis Cyber Protect security vulnerabilities endanger Windows systemsShort note for users who use Acronis Cyber Protect in a Windows environment. There is a current security warning from the German Federal Office for Information Security (BSI). Several vulnerabilities in the product have become known that jeopardize the security of Windows.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
