Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Software
Trend Micro: Update closes exploited critical vulnerability CVE-2023-41179
[German]Short notice for users and administrators of Trend Micro security products Apex One and Worry-Free Business Security on Windows. There is a critical vulnerability (CVE-2023-41179) in the products that is already being exploited in the wild. However, the manufacturer offers … Continue reading
Notepad++ v8.5.7 fixes vulnerabilities
[German]In mid-August 2023, security researcher Jaroslav Lobacevski had made public four vulnerabilities (CVE-2023-40031, CVE-2023-40036, CVE-2023-40164, CVE-2023-40166) in Notepad ++ editor for Windows. The vulnerabilities' rating ranges from medium to high. The developer, having known about these vulnerabilities for months, has … Continue reading
Vulnerabilities (CVE-2023-40481, CVE-2023-31102) in 7-ZIP; fixed in version 23.00 (August 2023)
[German]A short update from the end of August 2023. Security researchers have found two vulnerabilities in the 7-Zip program, which is used to pack and unpack ZIP archive files. The vulnerabilities CVE-2023-40481 and CVE-2023-31102 are classified as high-risk from a … Continue reading
WinRAR vulnerability CVE-2023-40477: Also third-party software affected?
In my blog post WinRAR Code Execution Vulnerability CVE-2023-40477 I had mentioned a vulnerability in WinRAR, which has been fixed with the update to WinRAR version 6.23. Andreas Marx from AV-Test recently pointed out that basically all software that uses … Continue reading
Palo Alto: Ivanti Endpoint Manager Mobile Vulnerabilities Readback (August 2023)
[German]Vendor Ivanti has had to warn about critical vulnerabilities in its Endpoint Manager Mobile (EPMM) several times in recent weeks and issue security updates. The starting point for this flood of security reports was that Norway's government was hacked via … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Duolingo: Leak with 2.6 million user records, check for 'Have I been Pwned' possible
[German]Vulnerabilities in the language learning app/platform API from Duolingo allows to scape user data. Now Troy Hunt has integrated a data set with information on 2.6 million Duolingo users into his platform 'Have I been Pwned'. And if I've noticed … Continue reading
Google Chrome 116.0.5845.110/.111
[German]Google has released updates to the Google Chrome browser 116 in the stable channel for Mac, Linux and Windows on August 22, 2023. These are security updates that will be rolled out in the coming weeks and should eliminate 5 … Continue reading
New 0-day vulnerability CVE-2023-38035 in Ivanti Sentry
[German]I don't know if administrators of Ivanti Mobileron solutions can still hear it: The vendor is currently warning about a new 0-day vulnerability CVE-2023-38035 in Ivanti Sentry (formerly MobileIron Sentry). Versions 9.18, 9.17 and 9.16 are affected. Older editions are … Continue reading
WinRAR Code Execution Vulnerability CVE-2023-40477
[German]I don't know how common WinRAR is among the blog readers. WiNRAR developers have fixed a critical code execution vulnerability (CVE-2023-40477) in the software. It is enough to open a compromised archive file to allow attackers to execute arbitrary code … Continue reading
Microsoft Security Update Summary (August 8, 2023)
[German]On August 8, 2023, Microsoft released security updates for Windows clients and servers, for Office – as well as for other products. The security updates eliminate 73 vulnerabilities, one is a 0-day. Below is a compact overview of these updates … Continue reading