 |
 |
|
|
|
Exploit/Lücken CVE-2023-5444 (RISK HIGH) und CVE-2023-5445. Update Mcafee/Trellix EPO Management Server There is emergency patch for EPO and the Trellix Forum seems to be down or rebuilt? Here is some info to help you this way. We have just updated around 10 EPO on-premises installations from EPO 5.10 SP1 to UPD2 or from 5.10 […]
02.07.2023 Attacker is able to change the redirection of the LOGOUT page. To date we are unsure if this is only if you you use SAML as in the NOV 2022 Exploit. GET /oauth/idp/logout?post_logout_redirect_uri=%0d%0a%0d%0a%3Cscript%3Ealert(document.cookie)%3C/script%3E HTTP/1.1 Pre Authentication XSS in Citrix Gateway (CVE-2023-24488) Die Abfrageparameter für URL werden nicht ausreichend gesäubert, bevor sie in den HTTP […]
CVE-2023-23397 Was ausgenutz wird: Anstatt Standard Microsoft Outlook Sound kann man für ein meeting reminder einen Custom Sound angeben. Dieser kann auf einem Share liegen. Da liegt der Hund begraben. https://learn.microsoft.com/de-de/office/client-developer/outlook/mapi/pidlidreminderoverride-canonical-property https://www.forbes.com/sites/daveywinder/2023/03/15/microsoft-outlook-warning-critical-new-email-exploit-triggers-automatically-update-now/?sh=47f058ce6e5e CVE-2023-23397 ist ein Outlook-Bug. Wenn Sie eine eingehende E-Mail für einen Termin mit einer benutzerdefinierten Erinnerung (Ton, Attribut PidLIDReminder) senden, wird Outlook.exe (2012/2016) versuchen, […]
Starting march 2023, Microsoft EDGE will be the new Adobe Reader and Acrobat if you Opt IN I just found some Information while searching for more Infos about the 02/2023 Windows Updates/Patches. This is interesting because we mostly do AutoUpdates for Defender and EDGE Updates while we analyse and test all other monthly CUMU updates […]
August 08/2022 Patch KB5012170 Update for Secure Boot DBX problem 0x800f0922 Problem: You can’t install August 2022 Update KB5012170 on some systems under certain condition where Secure Boot is enbled and not latest BIOS/UEFI Firmware . You will receive an Error 0x800f0922 Error: Package KB5015730 failed to be changed to the Installed state. Status: 0x800f0922. […]
ISO/PATCH: ExchangeServer2016-x64-cu20 Cumulative Update 20 for Exchange Server 2016 (microsoft.com) Problem: Exchange 2016 CU20 Setup.exe /preparead (Version 15.1.2242.4 Fails) on Server 2016 (1607) Step Configuring Microsoft Exchange Server Organization Preparation results FAILED Exchange 2016 CU 20 need and fails to update Active Directory Schema to newer Version (setup.exe /prepareschema works setup.exe /Preparead fails) if you […]
Hello, This is a collection of some technical things we used to recover a SRV 2016 with blue screens. We assume the first crash was related to a too early SRV 2016 VL Release ISO and ESX 6.5 (From 2018) and a combination of a Windows Defender Update. This may help you to recover a […]
February 02/2021 Windows Updates Deinstall Adobe Flash on Server and Clients W10 – Attention VMware vCenter/ESX Admins Mit den Februar 2021 Windows Updates wird Adobe Flash (MS) de-installiert. Von Hand installierte Adobe Flash Binary bleiben auf den Systemen. Bei Teils Kunden brauchen wir ja noch FLASH fuer den Web Zugriff auf vCenter/ESX. Wenn man […]
Windows Update Server filling since a few months over the 350GB max. Value you know from WSUS-Server which runs over years You checked the internal WSUS GUI Command to clean (That does not free space often…) You cleaned the WSUS maybe even if free or commercial scripts like Adamj Clean-WSUS Still you don’t get under […]
ERROR: wsecedit.dll, MMC, Local Security Policy, Security Options > “MMC has detected and error in a snap-in” Update 2020-09 Cumulative Update (KB4577015) bug mit GPO/MMC. “Next steps: We are working on a resolution and will provide an update in an upcoming release.” Macht ein bug bei Server 2016 z.B. MMC-Konsole. Ich würde daher DC […]
Unable to import KB Notfall/Interim/Post Microsoft Patchday patch into WSUS-Server running under Microsoft Server 2012 R2. Problem: You are unable to import Patches from Windows Update Catalog on 2012 R2 WSUS Problem: You do not see the import direct into WSUS button /Direct in WSUS-importieren auf 2019 nicht sichtbar (EDGE/IE mix) Most people discover while […]
TLS 1.3 https://tools.ietf.org/html/rfc8446 Some modern Browser switch to TLS 1.3 automatic if the Web server on the other side supports this. Like Version 72 of Chrome.exe or even your OS is like Windows 10 Buildnummer 20170 upwards (That means the OS itself). So it’s all safer and faster? https://blogs.windows.com/windows-insider/2020/07/15/announcing-windows-10-insider-preview-build-20170/ The problem is that some Next […]
Unable to deploy W10 > W10 19XX (Feature Updates) to Windows 10 Clients via WSUS on Server 2012 R2. That is a patch you need to Update your W10 client from W10 19XX to 19XX/20XX via WSUS. This should have been fixed by Update KB 2919355 and Windows8.1-KB3095113-v2-x64. However on some WSUS Server 2012 R2 […]
Server 2016 running WSUS-Server if you click on a Report you the error with the Report Viewer as before. If you did not install the WSUS in an SQL and used the WID (Windows Internal Database) or have a different Version Of or many SQL Versionen mixed on that machine. ERROR: ENG: The Microsoft Report […]
Check if you are affected by the 11/2018 SSD Bitlocker Leak. ADV180028 | Guidance for configuring BitLocker to enforce software encryption Security Advisory, Published: 06.11.2018 Producer: Samsung and Crucial Affected models proof: Crucial MX100, MX200, MX300, Samsung EVO 840, 850, Samsung External USB T3/T5 There is a leak with certain SSD Hard disk (Solid-state) together […]
