Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Windows 10: 0-Day-Exploit in Microsoft Data Sharing
[German]Twitter user @SandboxEscaper has once again disclosed a zero-day exploit in Windows 10 (and the server editions) and published a proof of concept (PoC) on GitHub. It concerns the Microsoft Data Sharing library dssvc.dll, which allows an extension of rights..
Critical vulnerabilities in NAS devices from WD, NetGear, SeaGate, and Medion
[German]Bad news for owners of NAS systems (WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS). Security researchers have found several critical vulnerabilities within this devices.
Microsoft Security Update Releases (Oct. 19, 2018)
Microsoft released on October 19, 2018, an update to its security descriptions for October 10, 2018, updates. There is a new note about Yammer Desktop application.
Windows 10 19H1 with Retpoline Spectre V2 Mitigation
[German]Surprise in Windows 10 Insider Preview 19H1: The kernel contains the Retpoline technology to protect it from Spectre V2 attack. This is to minimize the power loss caused by this protection.
Windows: RID Hijacking allows guests to become an Admin
[German]It seems that all Windows versions contains a kind of 'vulnerability' which allows to transfer user rights (administrator privileges) from another account to a Windows guest account. This is called RID hijacking, and has been known for at least 10 … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Microsoft Security Update Releases (Oct 17, 2019)
Microsoft has published a revised security update notification as of October 17, 2018, which I would like to briefly describe below. It is about MFC in connection with the cumulative update 11 for Exchange Server 2016 (KB4134118) and the SQL … Continue reading
Oracle Critical Patch Update October 16, 2018
[German]Oracle has released a number of critical updates for its products as of October 16, 2018. Here is an overview of these updates.
FOSS LinuxBoot replaces UEFI on servers
[German]Vendors using Linux-Servers intends to move away from proprietary hardware with UEFI, Intel ME & Co. The free LinuxBoot is the answer to the UEFI glue of the commercial manufacturers, but is limited to the server area. Here is some … Continue reading
Windows: CVE-2018-8423; CVE-2018-8453, CVE-2018-8495
[German]In October 2018, Microsoft patched some vulnerabilities in Windows with updates. The vulnerability CVE-2018-8495 is now being actively exploited. For the (probably incompletely patched) vulnerability CVE-2018-8495 a Proof-of-Concept (PoC) is now available. And the vulnerability CVE-2018-8423 was probably patched. Here … Continue reading
DOM-XSS bug putsTinder, Shopify, Yelp & Co. at risk
Users of Tinder, Shopify, Yelp and others are threatened in their security. Security researchers at vpnMentor have discovered a DOM-XSS bug that allows them to extract information about other users via apps or websites concerned. Potentially 685 million users are … Continue reading