Tag Archives: Security

EchoLeak: First AI 0-Click vulnerability in Microsoft Copilot

Posted on 2025-06-15 by guenni

[German]Security researchers have discovered the first zero-click vulnerability in an AI application. Unsurprisingly for me, this concerns Microsoft 365 Copilot. Attackers could use this vulnerability, known as EchoLeak, to force Microsoft 365 Copilot to exfiltrate data.

Posted in Security, Software | Tagged , , | Leave a comment

Patchday: Microsoft Office Updates (June 10, 2025)

Posted on 2025-06-12 by guenni

[German]On June 10, 2025 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for Microsoft Office 2016, as well as the C2R variants (Office 2016-2021 and 365) and other products. This month, serious vulnerabilities in Office were … Continue reading

Posted in Office, Security, Update | Tagged , , , | Leave a comment

Windows network vulnerability CVE-2025-33073 (Reflective Kerberos Relay Attack)

Posted on 2025-06-11 by guenni

[German]On June 10, 2025, Microsoft also patched the vulnerability CVE-2025-33073 with the security updates for Windows. This is a vulnerability in the Kerberos network protocol that was discovered by RedTeam Pentesting in January 2025. Below I disclose some information about … Continue reading

Posted in Security, Update, Windows | Tagged , , , | Leave a comment

Patchday: Windows Server-Updates (June 10,  2025)

Posted on 2025-06-11 by guenni

[English]On June 10, 2025 (second Tuesday of the month, Patchday at Microsoft) various cumulative updates were released for the supported versions of Windows Server. Below I have extracted the provided updates including some details for these Windows Server versions (from … Continue reading

Posted in Security, Update, Windows | Tagged , , , | Leave a comment

Patchday: Windows 10/11 Updates (June 10,  2025)

Posted on 2025-06-11 by guenni

[German]On June 10 (second Tuesday of the month, Patchday at Microsoft), Microsoft released cumulative updates for the still supported client operating system versions of Windows 10 and Windows 11. Here are some details about these updates, which are intended to … Continue reading

Posted in Security, Update, Windows | Tagged , , , , | 1 Comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Microsoft Security Update Summary (June 10, 2025)

Posted on 2025-06-10 by guenni

[German]Microsoft released security updates for Windows clients and servers, Office and other products on June 10, 2025. The security updates eliminate 65 vulnerabilities (CVEs), two of which were classified as 0-day. One vulnerability has already been attacked. The following is … Continue reading

Posted in Office, Security, Software, Update, Windows | Tagged , , , , | Leave a comment

Acronis Cyber Protect vulnerabilities jeopardize Linux and Windows systems

Posted on 2025-06-10 by guenni

[German]Acronis Cyber Protect security vulnerabilities endanger Windows systemsShort note for users who use Acronis Cyber Protect in a Windows environment. There is a current security warning from the German Federal Office for Information Security (BSI). Several vulnerabilities in the product … Continue reading

Posted in Linux, Security, Software, Update, Windows | Tagged , , , , , | Leave a comment

Attention: June 2025 Patchday closes vulnerability CVE-2025-33073 in Windows

Posted on 2025-06-10 by guenni

[German]On June 11, 2025, Microsoft will hold its regular patch day and release security updates for Windows. Administrators in companies should install the security updates promptly this time, as a vulnerability CVE-2025-33073 in Windows is to be closed. At the … Continue reading

Posted in Security, Update, Windows | Tagged , , , | Leave a comment

ConnectWise updates server certificates, update your software before June 10, 2025

Posted on 2025-06-09 by guenni

[German]Does anyone use software from ConnectWise (e.g. ScreenConnect)? This evening I received an email from a blog reader pointing out an announcement from ConnectWise that is quite urgent. By tomorrow, June 10, 2025, 15:00 CET, users must update the provider's … Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Hacking group UNC6040 attacks Salesforce instances via vishing

Posted on 2025-06-08 by guenni

[German]I'm posting some more information here that I received from the Google Threat Intelligence Group (GTIG). The security experts have come across a campaign by the hacker group UNC6040 that uses voice phishing (vishing) to compromise Salesforce instances and steal … Continue reading

Posted in Security | Tagged | Leave a comment