[German]A brief update on the RCE vulnerability CVE-2021-1675 in the Windows Print Spooler known as PrintNightmare. US-CISA warns and recommends disabling the Print Spooler service on servers that are not used for printing. And as of July 1, 2021, Microsoft has confirmed that the RCE vulnerability known as PrintNightmare, CVE-2021-1675, is still unpatched and is even currently being exploited.
[German]Does anyone manage their Windows clients via Configuration Manager (ConfigMgr) and also use Bitlocker? There is a PowerShell script Invoke-MbamClientDeployment.ps1 to supposedly upload the keys. However, Microsoft writes that this PowerShell script is not supported for use with BitLocker Management in Configuration Manager – so it must not be used in this scenario under any circumstances.
[German]Security researchers have published proof-of-concept (PoC) code for a remote code execution (REC) vulnerability in the Windows Print Spooler. The POC code was immediately deleted, but it is assumed that copies were pulled. The CVE-2021-1675 vulnerability allows an attacker to gain remote access to and take over a Windows Domain Controller.
[German]As of June 29, 2021, Microsoft has released a special update (D-Week) for Windows 10 versions 2004, 20H2 and 21H1. This update, which is not rolled out via Windows Update, is intended to fix possible problems with opening and rendering PDF files in Internet Explorer 11 or in apps.
[German]At the beginning of April 2021, 500 million user records of LinkedIn users were offered for sale in an underground forum (see Data leak: 500 million LinkedIn user data for sale in underground forum). Now a new data leak has been revealed, as 700 million LinkedIn user records were again offered for sale in an underground forum in mid-June 2021. As it looks, the LinkedIn user data was accessed via the API of the Microsoft-operated social network, which is used by many users for professional purposes.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
As of June 29, 2021, there has been a disruption with Microsoft Intune. Users with Microsoft Intune-registered Android devices may not receive Wi-Fi profiles. Here is an excerpt from the IT265315 incident report.
[German]After the massive uncertainty regarding the minimum system requirements for systems with Windows 11, Microsoft has published an update about these requirements on the Windows blog just in time for the release of the first Insider Preview. There, Redmond explains why certain requirements are set, but leaves some questions, for example about CPU support, unanswered.
[German]Schools and students in German state Hesse will no longer be able to work with Microsoft Teams as a video conference communication solution in the next school year winter 2021/2022. The Hessian Commissioner for Data Protection and Freedom of Information (HBDI) had already given a clear indication on March 31 of this year that the toleration of non-privacy-compliant video conferencing systems (VKS) in the Hessian school landscape would expire. From July 31, 2021, this toleration will end and schools will have to switch to data protection-compliant video conferencing systems. Microsoft Teams is also explicitly affected by this end of toleration, as the Hessian Commissioner for Data Protection and Freedom of Information (HBDI) recently announced.
[German]There was a real boom in sales of Chromebooks with Google's ChromeOS in 2020. The analyst firm IDC writes in a forecast that Chromebook sales will continue to boom in 2021. However, with the COVID-19 pandemic subsiding, customers will decide whether to continue buying Chromebooks or alternative devices.
[German]Microsoft has released the final version of the Security Baseline for Microsoft 365 Apps For Enterprise version 2106. However, there are no changes compared to the last security baseline (v2104) for Office. Microsoft has published the Techcommunity article Security baseline for Microsoft 365 Apps for enterprise v2106 – FINAL on this.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
