[German]Google made a serious mistake when updating to Chrome OS 91.0.4772.165: A typo in the code meant that users could no longer log in. Google then removed the update from its servers. Android Police had reported here. Now Google is rolling out a fix for the Chromebork bug in Chrome OS, as e.g. The Register reports here.
[German]Following the Chrome update, Microsoft has also updated the Edge browser and raised it to version 92.0.902.55 on July 22, 2021. The update fixes various vulnerabilities that have already been fixed in Google Chrome. Addendum: This Edge version causes a freeze when opening PDF files, see Inside.
The information available on this page names CVE-2021-36928, CVE-2021-36929 and CVE-2021-36931, and the browser should be updated automatically. The browser should be updated automatically. Here is an excerpt from Microsoft's security advisories on the subject:
************************************************************************
Title: Microsoft Security Update Releases
Issued: July 22, 2021
************************************************************************
Summary
=======
The following Chrome CVEs have been released on July 22, 2021.
* CVE-2021-36928
* CVE-2021-36929
* CVE-2021-36931
– CVE-2021-36928 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
– Version 1.0
– Reason for Revision: Information published.
– Originally posted: July 22, 2021
– Updated: N/A
– Aggregate CVE Severity Rating: Important
– CVE-2021-36929 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
– Version 1.0
– Reason for Revision: Information published.
– Originally posted: July 22, 2021
– Updated: N/A
– Aggregate CVE Severity Rating: Important
– CVE-2021-36931 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
– Version 1.0
– Reason for Revision: Information published.
– Originally posted: July 22, 2021
– Updated: N/A
– Aggregate CVE Severity Rating: Important
The following CVEs were assigned by Chrome. Microsoft Edge
(Chromium-based) ingests Chromium, which addresses these vulnerabilities. Please see
Google Chrome Releases (https://chromereleases.googleblog.com/2021) for more information.
See Link for more information about third-party CVEs in the Security Update Guide.
* CVE-2021-30565
* CVE-2021-30566
* CVE-2021-30567
* CVE-2021-30568
* CVE-2021-30569
* CVE-2021-30571
* CVE-2021-30572
* CVE-2021-30573
* CVE-2021-30574
* CVE-2021-30575
* CVE-2021-30576
* CVE-2021-30577
* CVE-2021-30578
* CVE-2021-30579
* CVE-2021-30580
* CVE-2021-30581
* CVE-2021-30582
* CVE-2021-30583
* CVE-2021-30584
* CVE-2021-30585
* CVE-2021-30586
* CVE-2021-30587
* CVE-2021-30588
* CVE-2021-30589
Revision Information:
=====================
– Version 1.0
– Reason for Revision: Information published.
– Originally posted: July 22, 2021
The feature updates for Edge 92.0.902.55 are described here.
However, it looks like this Edge update is causing the browser to freeze when users try to open PDF files. German blog reader Stefan left a comment regarding this issue.
We are experiencing a sudden increase in problems with the browser freezing for some users when they want to open PDF files in some web portals.
On reddit.com I have found another people who have the same problems. The thread starter wrote:
Microsoft Edge crash/freeze on opening PDF's
Came back to work after a wonderful weekend. Phone is ringing continuesly. Multiple people calling for help, that Microsoft Edge is crashing on opening PDF's.
Everything was working perfectly on friday! (We are on 20H2, Build 19042.1110)
It seems like Microsoft released an update 92 (92.0.902.55) this weekend. That's the only difference between now and last friday in my environment.
It doesn't make a difference, if PDF's are opened from a website, local storage or from an email. Does anyone have similar problems, opening PDF's directly in the browser?
In the reddit.com thread, more users confirm the problem.
[German]Hope for victims of the supply chain attack on the US software manufacturer Kaseya, as a result of which the systems of around 1,500 customers worldwide were infected with ransomware and the stored data was encrypted. The manufacturer Kaseya has now probably received a master key for decryption and hopes to be able to rescue the customers' data. Addendum: It looks like Kaseya requires victims to sign a non-disclosure agreement (NDA) before there is a decryption solution.
[German]On July 22, 2021, Mozilla developers have already released version 90.0.2 as a maintenance update of the Firefox browser (thanks to Gerold for the hint). According to the release notes, the truncated output when printing has been fixed and the menu styling for some Gtk themes has been corrected. In addition, DoH (DNS over HTTPS) is supported in Canada. The new Firefox can be updated via update in the browser or downloaded from this website for various platforms (the variant is to be selected via the displayed list boxes).
[German]In this blog post, I take up the case of a blog reader who, with a Windows 10 Pro system (it was a Medion brand device – a German subsidiary of Lenovo), faced the problem that the monthly cumulative updates failed. Error 0x80073701 was reported. Attempting to install Windows 10 Pro in current version via USB installation media ended with error 0x8007025D. At the end of the day, the blog reader found the cause – it was missing updates of the Intel graphics driver, which were made up manually and finally eliminated the update installation errors.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Soon, the "new Microsoft Store" will be available for Windows 10 and Windows 11. This implies that the previous approach will soon die. Microsoft plans to discontinue the Windows Store for Business in the first quarter of 2023, as the company announced in this Techcommunity post.
[German]Is there a problem with NAS systems from QNAP that certain models suddenly fail and "die", so to speak, during shutdown. The units can no longer be booted afterwards. I have found affected people with the TVS-872XT model, but also with other variants of the TVS series. A blog reader pointed me to corresponding reports. Let me summarize some information I have.
[German]Security researchers from Qualsys have discovered a Local Privilege Escalation (LPE) vulnerability CVE-2021-33909 in the filesystem layer of the Linux kernel. In addition, a second vulnerability CVE-2021-33910 has been discovered. Linux distributions such as Debian, Fedora and Ubuntu are vulnerable in default settings, allowing third parties to gain root privileges. However, there are patches to fix the vulnerability. Here is a rough overview of what is involved.
[German]Google has released Google Chrome 92.0.4515.107 for Windows, Mac and Linux on July 20, 2021. It is an update to version 92 that brings new features, but also fixes 35 vulnerabilities in older browser versions at once. Continue reading
[German]Windows 10 has a serious vulnerability CVE-2021-36934 as of version 1809, which allows the Security Accounts Manager (SAM) database to be read via VSS shadow copies. This opens the door for local attackers to gain privileges from administrators and potentially move around networks. Meanwhile, the potential and scope of affected machines is becoming clearer, which is why I am publishing this follow-up article.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
