Tag Archives: Windows

Windows PowerShell backdoor discovered, masquerading as part of the Windows Update process

Security researchers from SafeBreach recently came across a previously unknown PowerShell backdoor in Windows. It uses a malicious Word document to inject the PowerShell scripts. The backdoor can list Active Directory users and remote desktops, and is presumably intended to …

Posted in Security, Windows

Expedited Updates for Windows as preview in Microsoft Intune

In enterprise environments, how can you ensure that (certain) security updates and quality updates are rolled out to and reach all devices as quickly as possible? Microsoft is working on "accelerated updates" for this purpose. The whole thing has now …

Posted in Update, Windows

Windows Update Service components update KB4023057, the zombie is still alive (Oct. 2022)

Microsoft has released update KB4023057 (Update for Windows Update service components) for machines with Windows 10/11 in an updated version in October 2022. The update is intended to improve the reliability of the Windows Update Service, in other words: to …

Posted in Update, Windows

Windows: 0Patch micropatch for MotW bypassing 0-day (no CVE)

A new bug in Windows has been known for a few days that prevents the "Mark of the Web" flag from being evaluated for broken signatures. Microsoft itself has not yet released a patch for this 0-day vulnerability. The vulnerability …

Posted in Security, Windows

Avast Anti-Rootkit Driver Used in Ransomware Attack to Increase Authorization

Ransomware groups continue to develop new tactics, techniques, and procedures (TTPs) to bypass protections during attacks. On the other hand, protections on endpoints and networks continue to evolve. The Microsoft Detection and Response Team (DART) published a case report the …

Posted in Security, Software, Windows

Windows 0-day (Mark of the Web) used for ransomware attacks via JavaScript

The other day I reported on an unfixed 0-day vulnerability, Mark of the Web (MOTOW), in Windows, for which there is an unofficial fix. Now a report has come to my attention that a 0-day vulnerability in this area …

Posted in Security, Windows

SSL/TLS connection issue fix: out-of-band update status and affected applications (Oct. 21, 2022)

As of October 17, 2022, Microsoft has released several unscheduled updates for Windows. These updates fix a connection problem that can occur with SSL and TLS connections. Probably all Windows clients and servers are affected by this problem. Below I …

Posted in issue, Update, Windows

Windows: 0Patch Micropatch for MOTOW ZIP file bug (0-day, no CVE)

Since May 2022, a bug has been known to exist in Windows that prevents the "Mark of the Web" flag from being set for files extracted from ZIP archives. Microsoft itself has not yet released a patch for this 0-day …

Posted in Security, Windows

Out-of-band updates for Windows fix SSL/TLS connection issues (also with Citrix) – October 17, 2022

As of October 17, 2022, Microsoft has released an unscheduled update KB5020387 for Windows 11 21H2. This update fixes a connection problem that can occur with SSL and TLS connections. All Windows client and server versions that are still in …

Posted in Update, Windows

Windows Update KB5012170 (Secure Boot DBX) re-released for WSUS (Oct. 2022)

Brief information for administrators in the Windows environment. A reader just informed me that Windows Update KB5012170 has been re-released in WSUS. This update was released on Patchday, August 9, 2022, to fix issues in Secure Boot DBX. However, this …

Posted in Security, Update, Windows