Why you should quit WhatsApp

Posted on 2021-04-13 by guenni

If you observe Facebook's WhatsApp from a view or a data protection activist or a security expert, you should have dropped that messenger (I dumped that thing in 2018 due to GDPR reasons). During the past WhatsApp has a steady stream of huge security issues. I just link here to the Forbes article Why You Should Quit WhatsApp As Critical New Update Confirmed from March 6, 2021. Now we have the next nail in the coffin: Forbes has uncovered a nasty new surprise for WhatsApp's 2 billion users today. Security researchers has discovered an alarming security risk. Knowing a phone numer is suffizient, to allow a remote attacker to deactivate easily WhatsApp on a phone and then stop users getting back in. Even two-factor authentication will not stop this. Details may be read within this Forbes article.

Posted in Security | Tagged , | Leave a comment

Edge-News: End of Legacy Edge, Problems with Updates, IE Redirection to Edge

Posted on 2021-04-12 by guenni

Edge[German]As of April 13, 2021, Microsoft will remove Legacy Edge from newer Windows 10 builds. Could there be any problems? Another issue is the effect that Internet Explorer is immediately redirected to the new Edge at startup. In an omnibus post, I take up some of these issues around Edge.

Continue reading

Posted in browser, Windows | Tagged , , | 1 Comment

PSA: Watch your Exchange Patch status – 0 day vulnerabilities found, is the next Exchange disaster in sight?

Posted on 2021-04-11 by guenni

[German]Ok, I think I got your attention with the headline. From what I heard, next Tuesday there will be some updates for Exchange Server. Why? Because three Exchange exploits were presented at the hacker conference Pwd2Own (6-8.4-2021). Maybe it would be a good idea to make sure that the Exchange servers are patched over the weekend to be able to start with updates in time.

Continue reading

Posted in Security, Software | Tagged , , | 1 Comment

Thunderbird 78.9.1 released

Posted on 2021-04-10 by guenni

[German]The developers of the Thunderbird email client have released Thunderbird 78.9.1 on April 8, 2021. It is a maintenance update for the 78 main version of the email client, which fixes various bugs and vulnerabilities.

Continue reading

Posted in Security, Software, Update | Tagged , | Leave a comment

WSUS Sync error from April 7, 2021 fixed

Posted on 2021-04-10 by guenni

Windows Update[German]Just a short information for WSUS admins. The sync problem in WSUS that I reported on 7.4.2021 (see WSUS/MECM: No sync since April, 7, 2021) has been fixed. Readers had already reported in comments that the synchronization works again. The confirmation about the cause, it was indeed Visual Studio, and that it was fixed is now available from the product team (is added in the linked article).

Posted in Software, Update | Tagged , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Malware infection of Gigaset Android devices: Analyses and options for action (April 8/9. 2021) – Part 2

Posted on 2021-04-10 by guenni

[German]In Part 1 I had analyzed the information Lösung Malware-Angriff Smartphones released by the company Gigaset on April 8, 2021 with regard to the automatic deletion of the malware infection of various Android devices. This works, according to previous feedback, for some people, but it is not really reliable. Now, Gigaset has additionally published instructions on how to clean the devices manually. Here's a look at that issue, as well as a listing of issues that aren't addressed at all in the Gigaset information.

Continue reading

Posted in devices, Security | Tagged , , , , | Leave a comment

Malware infection of Gigaset Android devices: Analyses and options for action (April 8/9. 2021) – Part 1

Posted on 2021-04-10 by guenni

[German]Smartphone vendor Gigaset published a document names Lösung Malware-Angriff Smartphones on April 8, 2021, that should help to cleas Android phones infected by malware since April 1, 2021. In the following text, I will compile and comment the information given from Gigaset and supplement it with my own findings, enriched with the many questions that remain unanswered here. After that, every owner of Gigaset devices should decide how to proceed.

Continue reading

Posted in devices, Security | Tagged , , , , | Leave a comment

WSUS/MECM: No sync since April, 7, 2021

Posted on 2021-04-08 by guenni

Windows Update[German]Short note or question to the administrators of a Windows Server Update Service (WSUS): Does the synchronization work for you? There are reports, that sync (at MECM) is failing since yesterday.

Continue reading

Posted in issue, Update | Tagged , | 1 Comment

Windows 10 V1909: Reminder for SSU KB5001205

Posted on 2021-04-08 by guenni

[German]Microsoft sent a short Microsoft Security Advisory Notification around last night, again pointing out the March 2021 updated servicing stack update Microsoft Security Advisory Notification.

Continue reading

Posted in Update, Windows | Tagged , | Leave a comment

Preliminary analysis of Gigaset malware attack through auto-installer in firmware

Posted on 2021-04-08 by guenni

[German]Let me summarize in advance some findings that security analysts from Malwarebytes have documented regarding the malware attack on Gigaset Android smartphones. I've blogged about that within my German blog, but I'm publishing here a translated version for my English readers. The infection took place from a combination of an infected update server in conjunction with the Auto Installers com.redstone.ota.ui (also referred to as Android/PUP.Riskware.Autoins.Redstone) installed in the firmware of the Gigaset Android smartphones.

Continue reading

Posted in Android, Security | Tagged , , , | Leave a comment