[German]A short information for administrators of Windows Server systems. In December 2024 Microsoft has released patches for LDAP vulnerabilities, that that allows attackers to run an DoS attack on Active Directory. Now a Poor of Concept has been released, that shows, that these vulnerabilities allows an attacker to crash any unpatched Windows Server.
[German]Tenable has published a support article pointing out a problem with its Nessus security solution caused by plugin updates. After the update, the Nessus agents are offline. Administrators must intervene manually to install an update and bring the Nessus agents back online.
[German]ESET says, currently 32 million systems with Windows 10 are still in use in Germany. The security company warns of a worst-case scenario, as support for Windows 10 will expire in October 2025. A "switchover" is being propagated. I am of the opinion that Windows 10 users can look forward to October 2025 in a very relaxed manner.
[German]It's the beginning of 2025 and Statcounter's figures for operating system distribution on the desktop are available for the end of December 2024. What about Microsoft Windows share on the desktop? Windows 10 will no longer be supported after October 2025. With this in mind, how is Windows 11 share on the desktop?
[German]Microsoft has introduced the so-called Checkpoint Cumulative Updates for Windows 11 24H2 and Windows Server 2025. In September 2024, there were probably first reports of problems, users failed with the error "Operation is not supported". Microsoft has now updated a support article that describes the procedure for successfully installing .msu updates manually on systems with this error.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]A little tip for people who may need to document BIOS settings for Lenovo devices. Lenovo offers a BIOS simulator that allows you to retrieve all settings via the Internet and document them with a screenshot.
[German]Email security for Security Operations Center (SOC) teams. What is hidden behind terms such as DKIM, SPF and DMARC, which are used to secure email communication?
I wish this to all blog readers and, above all, good health and optimism in these times.
[German]A small addendum from the weekend – at the 38C3 congress of the Chaos Computer Club, Thomas Lambertz, a security expert, showed how Microsoft's Bitlocker encryption can be circumvented by "downgrading" a patched vulnerability. The way in which secret services or law enforcement agencies can gain access to encrypted data.
[German]Blog reader Fabian D. accidentally discovered a Privilege Escalation vulnerability in the G Data Security Client at the beginning of April 2024 and was then able to prove a Privilege Escalation vulnerability in the G Data Management Server during targeted research. Both vulnerabilities were reported to G DATA and have been fixed with version 15.8.333 in December 2024.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
