Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Windows 0-day ALPC vulnerability in task scheduler
[German]Windows has an unpatched zero-day local privilege escalation vulnerability, which allows unprivileged users to extend rights to the SYSTEM level. Here is some information about the facts. Addendum: There seems to be a workaround to mitigate the vulnerability. And there is a … Continue reading
Security Advisory-Update ADV180018
[German]Microsoft released several updates for Windows with Intel Microcode updates on August 14. New a revision of the Microsoft Security Advisory Notification for ADV180018 was published on August 24. Here is the notification from Microsoft – and also an addendum … Continue reading
Unpatched vulnerability in GhostScript interpreter
[German]A major vulnerability in the GhostScript interpreter has just went public. There is no patch yet. The vulnerability may allow the victim's machine to be taken over. Here is some information on this topic, since GhostScript is included in some … Continue reading
SQL Server 2016 SP1 Update KB4458842 (08/22/2018)
[German]A brief note for admins. Microsoft has released on August 22, 2018 a critical security update KB4458842 for SQL Server 2016 SP1. Here are a few details about that update.
Vulnerabilities in Microsoft Visual C++ Runtime
[German]Here is another hint to vulnerabilities buried in software packages from Microsoft. The Visual C++ runtime packages (VC redistributable) provided by Microsoft are assembled to installer packages with outdated (vulnerable) WiX Toolkit versions.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Microsoft Visual Studio 2015 Update 3 security patch
If someone still uses Microsoft Visual Studio 2015 Update 3, they should install a security update. Microsoft has just issued an update notification.
Windows 10 and the OneDrive vulnerabilities – Part 3
[German]In Part 1 and Part 2 of my article series I described the vulnerabilities in Microsoft's OneDrive client (addressing the location of program files in the unprotected profile folder and the use of outdated open source libraries with known vulnerabilities). … Continue reading
Windows 10 and the OneDrive vulnerabilities – Part 2
[German]In part 1 of my article series about vulnerabilities in OneDrive client I mentioned, the location of the program files in the unprotected profile folder. But Microsoft developers have made further mistakes, such as using outdated open source libraries with … Continue reading
Windows 10 and the OneDrive vulnerabilities – Part 1
[German]This article is about the OneDrive client that Microsoft delivers with Windows 10. The way, how Microsoft's developers has implemented this client, leaves several vulnerabilities. Here are a few details about an investigation.
Firefox Addon Stylish is back ….
[German]Dead ones live longer. The Stylish addon, with which you can give websites their own style, is back for Firefox. Great development, here's some background information you need to know.