Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Software
MoveIT vendor Progress Software reports serious vulnerabilities in WS_FTP Server
[German]Progress Software, which has been hit hard by the MoveIT vulnerability, is facing the next trouble. There are further serious vulnerabilities in its WS_FTP Server software that could already being exploited in the wild. The products must be immediately provided … Continue reading
TrendMicro released critical patch for Apex One SP1 Build 12512
Trend Micro has released a new "Critical Patch" for its ApexOne product (thanks to the reader for pointing it out). The patch applies to Apex One Service Pack 1 (server and agent build 12512). The critical patch fixes several bugs … Continue reading
Trend Micro: Update closes exploited critical vulnerability CVE-2023-41179
[German]Short notice for users and administrators of Trend Micro security products Apex One and Worry-Free Business Security on Windows. There is a critical vulnerability (CVE-2023-41179) in the products that is already being exploited in the wild. However, the manufacturer offers … Continue reading
Notepad++ v8.5.7 fixes vulnerabilities
[German]In mid-August 2023, security researcher Jaroslav Lobacevski had made public four vulnerabilities (CVE-2023-40031, CVE-2023-40036, CVE-2023-40164, CVE-2023-40166) in Notepad ++ editor for Windows. The vulnerabilities' rating ranges from medium to high. The developer, having known about these vulnerabilities for months, has … Continue reading
Vulnerabilities (CVE-2023-40481, CVE-2023-31102) in 7-ZIP; fixed in version 23.00 (August 2023)
[German]A short update from the end of August 2023. Security researchers have found two vulnerabilities in the 7-Zip program, which is used to pack and unpack ZIP archive files. The vulnerabilities CVE-2023-40481 and CVE-2023-31102 are classified as high-risk from a … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
WinRAR vulnerability CVE-2023-40477: Also third-party software affected?
In my blog post WinRAR Code Execution Vulnerability CVE-2023-40477 I had mentioned a vulnerability in WinRAR, which has been fixed with the update to WinRAR version 6.23. Andreas Marx from AV-Test recently pointed out that basically all software that uses … Continue reading
Palo Alto: Ivanti Endpoint Manager Mobile Vulnerabilities Readback (August 2023)
[German]Vendor Ivanti has had to warn about critical vulnerabilities in its Endpoint Manager Mobile (EPMM) several times in recent weeks and issue security updates. The starting point for this flood of security reports was that Norway's government was hacked via … Continue reading
Duolingo: Leak with 2.6 million user records, check for 'Have I been Pwned' possible
[German]Vulnerabilities in the language learning app/platform API from Duolingo allows to scape user data. Now Troy Hunt has integrated a data set with information on 2.6 million Duolingo users into his platform 'Have I been Pwned'. And if I've noticed … Continue reading
Google Chrome 116.0.5845.110/.111
[German]Google has released updates to the Google Chrome browser 116 in the stable channel for Mac, Linux and Windows on August 22, 2023. These are security updates that will be rolled out in the coming weeks and should eliminate 5 … Continue reading
New 0-day vulnerability CVE-2023-38035 in Ivanti Sentry
[German]I don't know if administrators of Ivanti Mobileron solutions can still hear it: The vendor is currently warning about a new 0-day vulnerability CVE-2023-38035 in Ivanti Sentry (formerly MobileIron Sentry). Versions 9.18, 9.17 and 9.16 are affected. Older editions are … Continue reading