Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Software
Ivanti Endpoint Manager vulnerability CVE-2021-44529: Code injection or backdoor?
[German]New scandal surrounding Ivanti Endpoint Manager. In 2021, Ivanti closed a security vulnerability CVE-2021-44529 in the product known as "code injection". There were rumors that it was a backdoor in an open source project. A security researcher then took another … Continue reading
Progress Kemp LoadMaster (Load-Balancer) vulnerabilityCVE-2024-1212
On February 8, 2024, administrators using the Progress Kemp LoadMaster load balancer were advised to update its firmware. The information on the vulnerability CVE-2024-1212 in the Progress Kemp LoadMaster firmware was not released until February 21, 2024. I have updated … Continue reading
AnyDesk hack: Newly signed clients available; what are your experiences? – Part 12
[English]At the begin of February 2024, it became known that the provider of remote maintenance software, AnyDesk, was the victim of a hack of its production environment. I pointed out early on that the hack had already taken place in … Continue reading
Critical FortiOS-Bug (Feb. 8., 2024)
[German]A very brief note, which was also pointed out to me by a blog reader. Forti has re-released all FortiOS versions on February 8, 2024. The release notes do not say what has been fixed in these versions. The reader … Continue reading
JetBrains TeamCity: Critical vulnerability CVE-2024-23917 (on-premises)
[German]A small addendum from yesterday regarding security. There is a critical vulnerability in JetBrains TeamCity Server that endangers on-premises servers. There is probably a security update available, which should be installed as soon as possible. I don't know who among … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Ivanti Connect Secure: New vulnerabilities CVE-2024-21888 and CVE-2024-21893 patched
[German]Security issues in Ivanti products are ongoing. In January 2024, the provider had to disclose two new security vulnerabilities in Ivanti Connect Secure. These are CVE-2024-21888 (privilege escalation to admin) and CVE-2024-21893 (SSRF to access "restricted resources"). So far, there … Continue reading
AnyDesk: Be careful in using that remote support software
[German]A short warning to IT supporters who use the AnyDesk remote maintenance software for remote support. A few days ago, I reported some issues with this product (see my German blog post Störung bei AnyDesk, jemand betroffen?). AnyDesk web site … Continue reading
Copilot Pro: Microsoft's subscription model for its products
[German]Microsoft has introduced an extension to its LLM solution Copilot. Microsoft Copilot Pro is a subscription-based approach to rolling out LLM models to both home and business users, from small businesses to large enterprises, and earning money from these solutions. … Continue reading
VMware OEM portal offline, customers cannot activate VMware licenses
[German]Is Broadcom starting the "shakeout" of VMware customers? After Broadcom terminated all VMware partners as of February 4, 2024, the OEM portal is now down. However, the VMware OEM portal is required to activate VMware licenses purchased through OEMs. A … Continue reading
Microsoft Security Update Summary (January 9, 2024)
[German]On January 9, 2024, Microsoft released security updates for Windows clients and servers, for Office and for other products. The security updates eliminate 48 vulnerabilities (CVEs), two of which are critical vulnerabilities. Below is a compact overview of these updates … Continue reading