Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Windows
Update 2107 for Microsoft Endpoint Configuration Manager CB
[German]Brief information for administrators in corporate environments who use Microsoft Endpoint Manager for device management. Microsoft has released update 2107 for Microsoft Endpoint Configuration Manager (current branch) as of August 2, 2021. Update 2107 brings numerous minor new features such … Continue reading
Windows 10 blocks unwanted applications (PUA) by default
[German]Starting in August 2021, Microsoft will block potentially unwanted apps (PUA) by default in Windows 10 21H1 (also Windows 11). The feature was already included in Defender, but will now be set to On by default, according to this post. … Continue reading
PetitPotam attacks on Windows blocked by RPC filters
[German]Security researchers recently disclosed a new attack vector called PetitPotam. By means of an NTLM relay attack, any Windows domain controller can be taken over. In the meantime, Microsoft has responded and published a security advisory about this security issue. … Continue reading
Microsofts Windows Quality Updates Primer (July 21, 2021)
[German]Microsoft provides different types of updates for Windows (10 and 11). These range from the monthly security and quality updates on patchday to preview updates and out-of-band updates. This is all known to well-informed administrators and users. But Microsoft has … Continue reading
Microsoft Security Update Revisions (July 29, 2021)
[German]Brief information for Windows admins in the corporate environment. Microsoft has released the night of 7/29/2021 revised security updates to mitigate NTLM Relay attacks on Active Directory certificates and vulnerability CVE-2021-36934 (Windows Elevation of Privilege Vulnerability, HiveNightmare). I'll post it … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Windows 8/8.1: Out-of-band fix for printer issue (July 28, 2021)
[German]Microsoft has released the next set of out-of-band updates for Windows 8 Embedded/Server 2012 and Windows 8.1/Server 2012 R2 on July 28, 2021. These updates are supposed to fix the printing issue in connection with SmartCard authentication. Here's a quick … Continue reading
Hotfix for MBAM bitlocker recovery key issue in ConfigMgr 2013
[German]Quick note for administrators who use the MBAM agent to escrow BitLocker recovery keys. This may result in excessive policy generation in Configuration Manager version 2103. Microsoft has now provided a hotfix to address this issue.
RemotePotato0: Privilege Escalation Vulnerability in Windows RPC Protocol
[German]Every Windows system is vulnerable to a specific NTLM relay attack that could allow attackers to escalate privileges from user to domain admin. This vulnerability has a status of "not being fixed" and was the subject of the PetitPotam approach … Continue reading
LemonDuck and LemonCat malware boost activity
[German]LemonDuck and LemonCat is malware that both acts as a bot and mines crypto-money. LemonDuck can run on different platforms (Linux, Windows), threatening machines on corporate networks. According to Microsoft, this malware has been poorly documented so far, which is … Continue reading
PetitPotam attack allows Windows domain takeover
[German]There is a new attack vector called PetitPotam. This enables a threat actor to launch an NTLM relay attack on domain controllers. Ultimately, this can be used to take over entire domains. Since many organizations run domain controllers with Microsoft … Continue reading