Follow-up to the Kaseya supply chain attack

At the beginning of July 2021, there was a supply chain attack on Kaseya VSA, a remote management and monitoring (RMM) software, through which malware was delivered. As a result, the REvil ransomware group's encryption Trojan struck, encrypting the IT systems of approximately 1,500 companies worldwide. Gradually, more details are becoming known. For example, the vulnerability exploited for the attack was reported to Kaseya in April 2021, and a vulnerability known since 2015 is still open in their management software.


Microsoft on PrintNightmare vulnerability CVE-2021-34527: Windows is secure after patch

Microsoft has commented on reports that the unscheduled updates to close the PrintNightmare vulnerability CVE-2021-34527 in the Windows Print Spooler service would not eliminate all risks. The message is that if the special updates are installed and Windows is configured and operated properly, there is no known scenario that would allow exploitation of the vulnerabilities. As a follow-up, here is an overview of this issue.


Windows 10: Microsoft fixes Zebra & Dymo printer issues caused by update (e.g. KB5004945) via KIR

After installing updates (e.g. KB5004945, KB5003690, KB5004760), some of them intended to close the vulnerabilities in the print spooler service, systems with label printers from Zebra and Dymo experienced printing issues: printing is no longer possible. Until now, the only option was to uninstall the relevant update or try to print directly via USB. Based on the feedback, however, Microsoft has now responded and provided a fix for this problem, which is caused by several updates, via the KIR function available in Windows 10 from version 2004 and later.


Changes and ambiguities in driver updates via WSUS; is Windows 10 bypassing Updates via WSUS?

In today's blog post, I'll summarize two things that German blog reader Markus K. pointed out to me by mail. There may be changes in driver updates via WSUS; at the very least there are ambiguities. For one, password prompts suddenly appear on Dell client systems when firmware is to be installed. But there are other oddities, such as drivers not being reloaded after an activation. And then there is the suspicion that Windows 10 gets its updates directly from the Microsoft update servers, bypassing WSUS, no matter what the administrator has set in group policies.


The Chaos PrintNightmare Emergency Update (July 6/7, 2021)

Microsoft has released out-of-band security updates for the PrintNightmare vulnerability (CVE-2021-1675) in the Windows Print Spooler service. But these updates seem to end in chaos. It reminds me of the Printer-Gate in March 2021, when Microsoft had to release a series of update fixes to close a printer vulnerability but still allow printing. I'll summarize a few points outside of Microsoft's documentation in this blog post. These range from the fact that the updates don't close the vulnerabilities, to installation issues and problems with Zebra label printers subsequently refusing to print.



PrintNightmare out-of-band update also for Windows Server 2012 and 2016 (July 7, 2021)

As of July 7, 2021, Microsoft has now also released the emergency update to close the PrintNightmare vulnerability (CVE-2021-1675) in the Windows Print Spooler service for all Windows versions (the still-missing updates for Windows Server 2012 and 2016 have been released). Microsoft recommends installing this security-critical update immediately, although administrators in server environments should first run a test.


Microsoft Azure: Urgently update PowerShell because of RCE vulnerability

PowerShell versions 7.0 and 7.1 contain a remote code execution (RCE) vulnerability, CVE-2021-26701, which has been assigned a CVSS score of 8.1. In a security alert, Microsoft is urging Azure customers to update PowerShell to version 7.0.6 or 7.1.3 in a timely manner. Windows PowerShell 5.1 is not affected by this vulnerability. Bleeping Computer has compiled some more information.


Out-of-Band Update closes Windows PrintNightmare Vulnerability (July 6, 2021)

As of July 6, 2021, in addition to the regular Office updates (see Microsoft Office Patchday (July 6, 2021), Fix for Outlook Crashes), Microsoft has also released an emergency update to close the PrintNightmare vulnerability in the Windows Print Spooler. Blog reader Harald L. pointed out this update in a comment. Prompt installation of this security-critical update is recommended, although administrators in server environments should first run a test.


Microsoft Office Patchday (July 6, 2021), Fix for Outlook Crashes

On July 6, 2021 (first Tuesday of the month, Office Patchday), Microsoft will release non-security updates for still-supported versions of Microsoft Office. Among other things, crashes in Outlook and performance issues are fixed. Here's a brief overview.


Beta from SQL Server for Windows Container suspended

Microsoft has suspended the SQL Server on Windows Containers beta program. In a July 5, 2021 announcement, Microsoft writes that the SQL Server on Windows Containers beta program began in 2017. The program remained in beta mode until now, intended only for test and development environments. Due to existing ecosystem challenges and usage patterns, Microsoft has decided to suspend the SQL Server on Windows Containers beta program for the foreseeable future. Should circumstances change, Microsoft will revise the decision and make an announcement in due course. This announcement only affects SQL Server on Windows Containers; SQL Server on Linux Containers will continue to be supported for production environments.
