[German]Most Windows insiders have come across the RunOnce key in the registry. Programs and services can enter a command there, which is executed once at the next Windows start and then deleted. However, Windows supports various options to force the key to be evaluated in safe mode or to prevent the entry from being deleted if the command isn't executed.
[German]Taiwan-based motherboard manufacturer GIGABYTE has fallen victim to a ransomware attack by the RansomEXX group. The RansomEXX gang is now threatening to make captured files in the amount of 112 GBytes public unless a ransom is paid.
[German]Security researchers recently disclosed a new attack vector called PetitPotam. Using an NTLM relay attack, any Windows domain controller can be taken over by attackers. Now, ACROS Security has presented a free 0Patch solution for various Windows Server versions that prevents exploitation of the vulnerability.
[German]Security researchers from Check Point have found a dangerous vulnerability in the eBook reader Amazon Kindle. Attackers could have used malicious code to take over the linked Amazon account of the device owner or read out his data. In the meantime, Amazon has closed this vulnerability with an update.
[German]Microsoft has updated the Edge browser to version 92.0.902.67 as of August 5, 2021. The release notes state that security updates to the Chromium browser have been included. Microsoft emailed me the list of fixed vulnerabilities in Chromium.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]In the blog post PrintNightmare: Point-and-Print allows installation of arbitrary files I had reported about a new vulnerability in Windows. A remote print server, which can be reached by unauthorized persons, allows to install arbitrary malicious files on the clients via point-and-print. In the article I had also mentioned ways to mitigate it. Now ACROS Security has presented a free 0Patch solution for various Windows Server versions that prevents exploitation of the vulnerability.
[German]Brief information for administrators in enterprise environments who manage Windows Updates via Configuration Manager (ConfigMgr). On January 31, 2022, the first features will be deprecated. For example, Desktop Analytics for Windows 7, Windows 8.x and older Windows 10 versions will no longer be supported. Later in 2022, more features will be dropped Here's some information on what to look out for.
[German]Security researchers from Forescout and JFrog have just made public the vulnerabilities in the NicheStack TCP/IP library grouped under the term INFRA:HALT. They had come across it while analyzing the library. This NicheStack TCP/IP library is used in products (industrial controllers and IOT industrial devices) from more than 200 vendors. More than 6,400 vulnerable devices are currently accessible online.
[German]A short information tidbit about Microsoft's Cloud PC and issues during setting up Windows 365. The cloud service is only available since a few days (see Windows 365 released) and Microsoft has already had to suspend the provisioning of the free trial versions because the demand exceeded the available resources. But there are already first experiences that setting up Windows 365 at the Cloud PC ends with the error "failed provisioning".
[German]Does Copilot, the AI solution launched by Microsoft on GitHub for embedding code snippets (e.g., in Visual Studio code), violate fair use and the rights of code developers? The nonprofit Free Software Foundation has just raised some questions about the fairness, legitimacy and legality of the AI-driven coding assistant CoPilot.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
