Tag Archives: Vulnerability

Microsoft Teams: Remote Code Execution (RCE) vulnerability

A little note about security on Microsoft Teams. Two security researchers @adm1nkyj1 and @jinmo123 participated in pwn2own 2022 in Vancouver. There they tried to hack Microsoft Teams, but failed due to time allocation. Both discovered a bug that allowed an … Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Advertising

Trend Micro Apex One and Office Scan XG vulnerable

[German]Administrators using Trend Micro's Apex One, Apex One as a Service (SaaS) and Office Scan XG products as a protection solution on Windows and macOS need to act. The products are vulnerable through four vulnerabilities, but an update is available. … Continue reading

Posted in macOS, Security, Software, Windows | Tagged , , , | Leave a comment

Windows 10: Critical codec vulnerabilities patched

[German]Microsoft has patched vulnerabilities CVE-2020-1425 and CVE-2020-1457 in the Windows Codecs Library in an emergency update on 30 June 2020. This affects Windows 10 and its Windows Server counterparts. Advertising

Posted in Security, Software, Update, Windows | Tagged , , , | Leave a comment

Kr00k: Wi-Fi vulnerability puts millions of devices at risk

[German]Security researchers at ESET have discovered a vulnerability in Broadcom and Cypress WLAN chips that could compromise the WPA2 encryption of millions of devices (routers). Here is some information on the subject. Advertising

Posted in devices, Security | Tagged , , , , | Leave a comment

Does PayPal fail with security? Vulnerabilities unfixed

[German]Disturbing story just came to me from security analysts. The provider PayPal has had (and still has) vulnerabilities in its system for a month, which were reported in January 2020, but have not yet been fixed. Hackers can abuse them … Continue reading

Posted in Security | Tagged , , , | Leave a comment
Advertising

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...


Security: Avira Optimizer allows privilege escalation

[German]Users of the virus protection solution receive the Avira Optimizer installed in newer versions. Up to the version before 1.2.0.367, this contains a vulnerability that allows privileges escalation. The Avira developers have now fixed this vulnerability with the version mentioned … Continue reading

Posted in Security, Windows | Tagged , , , , | Leave a comment

Advertising

.SettingContent-ms files put Windows 10 at risk

[German]Microsoft has introduced a new file format (.SettingContent-ms) for Windows 10 in 2015. However, this file format proves to be a weak point, as any commands and applications can be defined for execution via the underlying XML structures. Advertising

Posted in Security, Windows | Tagged , | Leave a comment

Critical vulnerabilities in Microsoft’s Malware Protection Engine (CVE-2017-11937 and CVE-2017-11940)

[German]Microsoft's Malware Protection Engine has a critical memory corruption vulnerability that allows remote code execution. Microsoft released a security advisory on December 6, 2017 and says corresponding security updates are available. Here are what I found out till now. [Update: … Continue reading

Posted in Security, Update, Windows | Tagged , , , | 2 Comments

Advertising

Critical vulnerability in HPE Integrated Lights-out 4 (iLO 4)

[German]The management software Integrated Lights-out 4 (iLO 4) for HP-Proliant Server has a critical vulnerability, allowing remote code execution on a system without login. Advertising

Posted in devices, issue, Security, Update | Tagged , , | Leave a comment

US-CERT warns: Microsoft Windows LNK vulnerability

[German]US-CERT issued a warning: Microsoft Windows automatically executes code specified in shortcut (LNK) files. This allows attackers to execute malware during viewing a lnk file. A public exploit is available. Advertising

Posted in Security, Windows | Tagged , , | Leave a comment