Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Software
WinRAR vulnerability CVE-2023-40477: Also third-party software affected?
In my blog post WinRAR Code Execution Vulnerability CVE-2023-40477 I had mentioned a vulnerability in WinRAR, which has been fixed with the update to WinRAR version 6.23. Andreas Marx from AV-Test recently pointed out that basically all software that uses … Continue reading
Palo Alto: Ivanti Endpoint Manager Mobile Vulnerabilities Readback (August 2023)
[German]Vendor Ivanti has had to warn about critical vulnerabilities in its Endpoint Manager Mobile (EPMM) several times in recent weeks and issue security updates. The starting point for this flood of security reports was that Norway's government was hacked via … Continue reading
Duolingo: Leak with 2.6 million user records, check for 'Have I been Pwned' possible
[German]Vulnerabilities in the language learning app/platform API from Duolingo allows to scape user data. Now Troy Hunt has integrated a data set with information on 2.6 million Duolingo users into his platform 'Have I been Pwned'. And if I've noticed … Continue reading
Google Chrome 116.0.5845.110/.111
[German]Google has released updates to the Google Chrome browser 116 in the stable channel for Mac, Linux and Windows on August 22, 2023. These are security updates that will be rolled out in the coming weeks and should eliminate 5 … Continue reading
New 0-day vulnerability CVE-2023-38035 in Ivanti Sentry
[German]I don't know if administrators of Ivanti Mobileron solutions can still hear it: The vendor is currently warning about a new 0-day vulnerability CVE-2023-38035 in Ivanti Sentry (formerly MobileIron Sentry). Versions 9.18, 9.17 and 9.16 are affected. Older editions are … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
WinRAR Code Execution Vulnerability CVE-2023-40477
[German]I don't know how common WinRAR is among the blog readers. WiNRAR developers have fixed a critical code execution vulnerability (CVE-2023-40477) in the software. It is enough to open a compromised archive file to allow attackers to execute arbitrary code … Continue reading
Microsoft Security Update Summary (August 8, 2023)
[German]On August 8, 2023, Microsoft released security updates for Windows clients and servers, for Office – as well as for other products. The security updates eliminate 73 vulnerabilities, one is a 0-day. Below is a compact overview of these updates … Continue reading
Critical RCE vulnerability CVE-2023-39143 in PaperCut before version 22.1.3
[German]Anyone using the Papercut MF/NG print management solution under Windows should urgently patch the product. A critical RCE vulnerability CVE-2023-39143 that has just been disclosed allows PaperCut servers to be taken over. The vendor has already released a corresponding security … Continue reading
Vulnerability CVE-2023-35082 in Ivanti MobileIron Core (up to version 11.2)
[German]After already admitting to two vulnerabilities in July 2023 that were exploited in hacks, Ivanti has confirmed another vulnerability in MobileIron Core (Ivanti Endpoint Manager Mobile, EPMM). According to a new security advisory from Ivanti, there is another vulnerability CVE-2023-35082 in … Continue reading
PowerToys 0.72 released
[German]Microsoft has released version 0.72 of its free PowerToys for Windows 10 and Windows 11 on August 1, 2023. I have here in the blog no longer reported about these tools and the accompanying weekly water levels, especially since the … Continue reading