[German]Google has released Google Chrome 92.0.4515.107 for Windows, Mac and Linux on July 20, 2021. It is an update to version 92 that brings new features, but also fixes 35 vulnerabilities in older browser versions at once. Continue reading
[German]Windows 10 has a serious vulnerability CVE-2021-36934 as of version 1809, which allows the Security Accounts Manager (SAM) database to be read via VSS shadow copies. This opens the door for local attackers to gain privileges from administrators and potentially move around networks. Meanwhile, the potential and scope of affected machines is becoming clearer, which is why I am publishing this follow-up article.
As of 7/20/2021, WordPress 5.8 has been released by the developers. This is a new major version, which comes with some new features. An overview of these new features can be found in this WordPress article. I've updated my WordPress installation without issues so far.
[German]There has been a severe vulnerability CVE-2021-3438 in the printer drivers of the manufacturers HP, Xerox and Samsung (presumably only laser printers) for 16 years, which affects millions of devices. The vulnerability was reported to HP on February 18, 2021, and an updated printer driver has been available since May 19, 2021. Here is some information on the issue provided to me by the security researchers.
[German]It seems that Windows 10 feature updates from version 1809 up to the current version 21H1 change the access rights to the SAM database so that non-administrative users can access it. The cause could be the volume shadow copies (Shadow Copy), which are enabled by default. Here's some initial information – I'm still sorting through it a bit at the moment.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]At the end of February, beginning of March 2021, there was a massive attack on Microsoft Exchange Server (see Exchange server 0-day exploits are actively exploited), in which many thousands of instances were hacked worldwide. Even then, the attacks were attributed to the Chinese hacker group Hafnium. Now the US along with its allies (UK, NATA) as well as the EU are accusing China of being responsible for this attack. The U.S. has also identified four Chinese nationals as responsible.
[German]In fall of 2021, Microsoft will most likely release Windows 11 and then roll it out more broadly in 2022 (see Has Intel revealed the October 2021 release date and name for Windows 11?). This will include a user interface overhaul with a new Start menu and rounded windows (Sun Valley). In anticipation of the release of Windows 11, Microsoft has now explained the new context menus and the Parts dialog in more detail.
[German]Let me put it this way: For me, it has been clear since the presentation that Microsoft will release its Windows 11 so sometime in October 2021 – even though the broad rollout with a free Windows 10 upgrade is not supposed to happen until 2022. Now, Intel may have unintentionally revealed the release date for Windows 11 as October 2021.
[German]Security researchers from CyberArk have managed to trick Windows 10's Hello login (also included in Windows 11) in terms of logging in via facial recognition. All they needed was an infrared photo of the face in question, used on a fake usb device acting as an IR camera. Here's some information on the facts of the matter.
[German]The release of Firefox version 90.0.0 lasted just a week. Now the Mozilla developers have released July 19, 2021 version 90.0.1 as a maintenance update of the Firefox browser. Here is some information about what has been fixed.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
