Blogs
Links
Archives
Categories
Social networks
Awards
Sponsors
(Paypal-Donations)Recent Comments
- EP on Edge version 124.0.2478.51 causes issues with http pages
- GM on Windows Server 2016: AD problems after updates KB5034862 and KB5034767 (Feb. 2024)
- José Roberto on Google account blocked and police action because of toddler photos for the doctor
- Anonymous on WSUS displays all Windows 11 clients as Windows 10 Enterprise
- GordK on Windows 10: Workaround for jumping explorer view
Meta
Recent Comments
- EP on Edge version 124.0.2478.51 causes issues with http pages
- GM on Windows Server 2016: AD problems after updates KB5034862 and KB5034767 (Feb. 2024)
- José Roberto on Google account blocked and police action because of toddler photos for the doctor
- Anonymous on WSUS displays all Windows 11 clients as Windows 10 Enterprise
- GordK on Windows 10: Workaround for jumping explorer view
Archives
Categories
Meta
Tag Archives: Windows
Microsoft's new Store app installer with telemetry wrapper as a security trap
[German]I just reported how the Store team has started repackaging Store apps. An executable .NET wrapper is slapped around the store apps, which smuggles telemetry and other code into the app. This is intended to simplify the installation of store … Continue reading
Advertising
Windows print spooler vulnerability CVE-2022-38028 preferred attack vector for Russian attackers
[German]The old print spooler vulnerability CVE-2022-38028 in Windows is probably the preferred target of the Russian hacker group Fancy Bear. This was revealed by Microsoft's analysis of an attack tool ('GooseEgg' malware). However, this attack vector can no longer be … Continue reading
How to find weak passwords in Active Directory and eliminate them with PowerShell
[Sponsored Post]Weak or compromised passwords are a known gateway for attackers. If you are able to identify which users in Active Directory (AD) are threatened by this, then PowerShell can help to remedy it. However, PowerShell scripts cannot eliminate basic AD deficits, other tools are needed for this. More ...
Microsoft packs Store apps with telemetry wrapper
[German]The move from Microsoft, which has just been uncovered and is causing anger among developers. Their Store team has started to secretly repackage Store apps. The apps are provided with an executable .NET wrapper that adds telemetry and other code … Continue reading
Advertising
Windows Server 2012 / R2 and Windows 7 (April 9, 2024)
[German]Various security updates for Windows Server 2012/R2 (1st ESU year) were published on April 9, 2024. Support for Windows 7 SP1 and Windows Server 2008 R2 expired in January 2024. However, updates for Windows Embedded Standard 7 can be downloaded … Continue reading
Posted in Security, Update, Windows
Tagged Patchday 4.2024, Security, Update, Windows
Leave a comment
Microsoft Security Update Summary (April 9, 2024)
[German]On April 9, 2024, Microsoft released security updates for Windows clients and servers, Office and other products. The security updates address 147 vulnerabilities (CVEs), including three critical vulnerabilities. Below is a compact overview of these updates that were released on … Continue reading
Advertising
Windows NTLM credentials vulnerability CVE-2024-21320: Fix from 0patch
[German]There is a vulnerability in Windows (CVE-2024-21320) that exposes NTLM credentials about Windows topics. Microsoft patched the vulnerability CVE-2024-21320 in January 2024. This patch provides a policy to prevent the exposure of NTLM credentials when theme files are located on … Continue reading
Deprecated: Test Base, special TLS authentication certificates, Visual Studio App Center
[English]Another brief information: Microsoft has announced the discontinuation of Visual Studio App Center this week. Furthermore, features such as Test Base (Azure) and TLS server authentication certificates with less than 2048 bits were classified as "deprecated" and discontinued for March … Continue reading
Update on Windows handening in 2024/2025 – March 2024
[German]A quick note for administrators in corporate environments. Microsoft carries out so-called hardening measures for Windows (clients and servers) over longer periods of time. This involves hardening (securing) functions via Windows Update on certain key dates. Some of these hardening … Continue reading
Advertising
Microsoft Security Update Summary (March 12, 2024)
[German]On March 12, 2024, Microsoft released security updates for Windows clients and servers, for Office – and for other products. The security updates eliminate 73 vulnerabilities (CVEs), two of which are 0-day vulnerabilities that are already being exploited. Below is … Continue reading
Microsoft closes exploited Windows 0-day vulnerability CVE-2024-21338 six months after notification
[German]In February 2024, Microsoft closed the vulnerability CVE-2024-21338 in the kernel of Windows 10/11 and various Windows Server versions. Great! The flaw in the story: The vulnerability was reported by AVAST in August 2023, and the vulnerability was exploited as … Continue reading