Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Is Microsofts (Word) DDE-Patch failed partially?
[German]In December 2017, Microsoft released security updates for Microsoft Office to disable DDE functionality. However, the vulnerability may not be completely mitigated, because a new malware campaign addresses the DDE vulnerability.
Posted in Office, Security, Update
Tagged DDE, Microsoft Word, Office, Security, Update
Leave a comment
Windows 10 Hello bypassed by printout
[German]Microsoft's Windows Hello authentication technology for Windows 10 isn't foolproof. Two German security researcher has been able to successful bypass Windows Hello with a printout of an image.
Vulnerability in Palo Alto Networks Firewalls
[German]Here's a security information for administrators using Palo Alto Networks firewalls with PAN-OS . In PAN-OS there are several critical bugs, which enables attackers to gain remote root access to the firewalls.
Vulnerability: Fortinet’s FortiClient leaks VPN client credentials
[German]The NextGeneration Endpoint Protection solution from Fortinet, FortiClient, contains also a VPN client. This client exposes credentials, but an update is available. I don't know, if blog readers are using FortiClient, but I'm publishing the information as public service announcement … Continue reading
Security update for iCloud for Windows
A serious vulnerability in Apple's HTML rendering engine WebKit also affects the iCloud client for Windows. Apple has now released a security update of the iCloud client to fix these vulnerabilities.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Microsoft Security Advisory (December 12, 2017)
[German]As part of the December patchday (12/12/2017), Microsoft has also issued a Microsoft Security Advisory Notification. It addresses the security settings for Active Directory Domain Services. And it's discusses the DDE vulnerability when opening Office documents.
Posted in Office, Security, Windows
Tagged Active Directory, DDE, Microsoft, Office, Security
Leave a comment
TeamViewer: Vulnerability allows permission changes
[German]The TeamViewer software, commonly used to remotely control computers, has a security vulnerability. This allows attackers to hijack a session and attack the target computer. A patch is available.
Leak: oBike exposes user data to social media
[German]Chinese firm oBike offers bikes to rent in major cities around the world. A data leak provided personal data of customers (name, email, location data) freely accessible via social networks.
Hacker are misusing CVE-2017-11882 in Office EQNEDT32.EXE
[German]Microsoft Office is shipped with old equation editor EQNEDT32.EXE that contains a vulnerability. This vulnerability is used by hacker to distribute malware.
HP installs secretly HP Touchpoint Analytics Client telemetry client
[German]Here is an Information and Question addressing owners of HP Windows devices. It seems that Hewlett Packard silently installs a telemetry client on Windows computers. Here are a few details.