Microsoft 365: Multi-factor authentication bypassed

Posted on 2020-09-16 by guenni

[German]That does not sound very good. Newly discovered vulnerabilities in Microsoft 365 make it possible to bypass multi-factor authentication. Security researchers from Proofpoint have just released this information.

Continue reading

Posted in Cloud, Office, Security, Windows | Tagged , | Leave a comment
Advertising

Windows Server: Zerologon vulnerability (CVE-2020-1472) allows domain hijacking

Posted on 2020-09-16 by guenni

[German]Security researchers have uncovered a vulnerability in all versions of Windows Server that allows domain transfer with a simple approach. This vulnerability, called Zerologon (CVE-2020-1472), was closed with the security updates of August 2020. Those who have not yet installed this patch should react as soon as possible.

Continue reading

Posted in Security, Update, Windows | Tagged , , | 1 Comment

0patch fixes CVE-2020-1380 in Windows 7/Server 2008 R2

Posted on 2020-09-16 by guenni

win7 [German]ACROS Security has released a micropatch for the vulnerability CVE-2020-1380 (Internet Explorer scripting engine memory corruption ) for Windows 7 and Server 2008 R2 (without ESU license). The vulnerability is now being exploited.

Continue reading

Posted in Security, Windows | Tagged , , | Leave a comment

Windows 10 Version 2004: Update KB4576754 forces new Edge browser install (Sept. 14, 2020)

Posted on 2020-09-15 by guenni

[German]Microsoft has begun rolling out the new Chromium-based Edge Browser on systems with Windows 10 version 2004 on Sept. 14, 2020. A re-release of update KB4576754 pushed this browser again to consumer systems.

Continue reading

Posted in browser, Software, Update, Windows | Tagged , , | 2 Comments

Google sends out invitations for Sept. 30, 2020

Posted on 2020-09-15 by guenni

Google yesterday sent out invitations to a hardware event for the end of September 2020 to the press. The event will run under the motto 'Launch Night In – Made By Google' and is scheduled to take place on September 30 at 11 a.m. Pacific time.

Continue reading

Posted in devices, General | Tagged | Leave a comment
Advertising

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Data leak at online shop windeln.de

Posted on 2020-09-15 by guenni

[German]German online shop windeln.de operated an insecure Elastic-Search server so that the personal data of 700,000 customers could be accessed via Internet. Here are details what I know so far (what the security researcher has told me).

Continue reading

Posted in Security | Tagged , | Leave a comment
Advertising

Microsoft integrates Servicing Stack Updates (SSU) in cumulative Updates (LCU)

Posted on 2020-09-15 by guenni

[German]Another small addendum from last week. Microsoft has announced it's plans to include the required Servicing Stack Updates (SSU) in future Latest Cumulative Updates (LCU). This could eliminate one cause of update errors.

Continue reading

Posted in Update, Windows | Tagged , | Leave a comment

Windows Server 2016: Update KB4577015 throws a GPO MMC wsecedit.dll error

Posted on 2020-09-14 by guenni

[German]Security update KB4577015, dated September 8, 2020, causes problems on Windows Server 2016, which acts as the domain controller. The Group Policy Editor (gpedit.msc) throws a wsecedit.dll error when loading an MMC snap-in when changing security options.

Continue reading

Posted in issue, Update, Windows | Tagged , , | 8 Comments
Advertising

Mailfire data leak reveals data from adult sites

Posted on 2020-09-14 by guenni

[German]There is once again a data leak to report, but it is likely to be minor for those affected – because security researchers have discovered the data leak. The marketing company Mailfire acting on Cyprus revealed data of over 70 eCommerce and adult sides.

Continue reading

Posted in Security | Tagged , | Leave a comment

Office 2016: Documents cannot be stored on network shares

Posted on 2020-09-14 by guenni

[German]A German blog reader contacted me for an observation. He has been getting for weeks  more and more messages from users in his enterprise network with Windows Server 2012, that Office documents sporadically cannot be stored on network shares. On the clients Windows 10 version 1909 is used. After tests he suspects that updates could cause the issue.

Continue reading

Posted in issue, Office, Windows | Tagged , , | Leave a comment