Security

OnePlus 9 Android security patch 2023.09

OnePlus 9 Android security patch 2023.09

Andres Bohren
Hi All, A few Days ago, i have received an update for my OnePlus 9 Android Smartphone. It includes the Android 2023.09 Security Updates. Details can be found in the OnePlus Community OxygenOS 13.1.0.591 for the OnePlus 9/9 Pro Changelog Integrates the September 2023 Android security patch to enhance system security. Regards Andres Bohren Unified Messaging Logo
Exchange Online Custom RBAC Role for AWS

Exchange Online Custom RBAC Role for AWS

Andres Bohren
Hi All, I’ve had an interesting Use Case some Weeks ago. The collegues from the AWS Cloud Team wanted to create a Mailenabled Security List for each Application they create. So they can inform the right People and i guess also assign permissions to these People. I expected, that this will be an easy task. Just a few Microsoft Graph Commands to create a Group and add Members. But i was very wrong.
How Exchange Online DMARC Aggregate Reports Change the Game

How Exchange Online DMARC Aggregate Reports Change the Game

Andres Bohren
Hi All, Gain visibility with DMARC In the current digital era, email has become a crucial component of both our personal and professional lives. However, with the sophistication of cyber threats rising, it is more important than ever to ensure the security and legitimacy of email communications. This is where Domain-based Message Authentication, Reporting, and Conformance (DMARC) comes into play. The Mailservers of Recipients that support DMARC, provide feedback to domain owners about the use of their domains; this feedback can provide valuable insights about the use and abuse of your domains.
August 2023 Exchange Server Security Updates

August 2023 Exchange Server Security Updates

Andres Bohren
Hi All, It’s again Patchday and Microsoft has released Security Updates for Exchange 2016 and 2019. Exchange Team Blog Released: August 2023 Exchange Server Security Updates CVE-2023-21709 Microsoft Exchange Server Elevation of Privilege Vulnerability You have to run a Script after the Installation to Address CVE-2023-21709. The Update fails on Non-English Operating System. Workaround can be found here Exchange Server 2019 and 2016 August 2023 security update installation fails on non-English operating systems
Are Passkeys coming to AzureAD / M365?

Are Passkeys coming to AzureAD / M365?

Andres Bohren
Hi All, I’ve tried to register a Yubikey 5 NFC with my Android OnePlus9 (has Android 13 installed). First of all, it does not work with Chrome 114 on Android. So i used Microsoft Edge Browser on Android to Sign in to Security Info I’ve aded a Security Key Selected NFC Device Instead of NFC Key you can see a Passkey dialog In the end i could not save it
VMware Tools for Windows 12.2.5

VMware Tools for Windows 12.2.5

Andres Bohren
Hi All, VMware has released a Security Advisory for VMware Tools VMSA-2023-0013 VMware Tools update addresses Authentication Bypass vulnerability (CVE-2023-20867) You can download the newest version of VMware Tools here: VMware Tools 12.2.5 After loggin in you need to consent to the general Terms to download the VMware Tools In the downloaded zip File is the ISO File with the VMWare Tools for Windows I’ve extracted the ISO, Renamed it and uploaded it to the Datastore
Microsoft Code 1.79 fixes security issue

Microsoft Code 1.79 fixes security issue

Andres Bohren
Hi All, In Microsoft Code 1.79, there has been an update that fixes a security issue. You can find the details here Closed Issue A information disclosure vulnerability exists in VS Code 1.79.0 and earlier versions on Windows when file system operations are performed on malicious UNC paths. Examples include reading or resolving metadata of such paths. An authorised attacker must send the user a malicious file and convince the user to open it for the vulnerability to occur.
June 2023 Exchange Server Security Updates

June 2023 Exchange Server Security Updates

Andres Bohren
Hi All, Yesterday, Microsoft has released new Exchange Security Updates. Read more at the Blog Post from the Exchange Team Released: June 2023 Exchange Server Security Updates In my case that’s Exchange 2016 CU23 Security Update 8 Security Update For Exchange Server 2016 CU23 SU8 (KB5025903) Description of the security update for Microsoft Exchange Server 2016: June 13, 2023 (KB5025903) Installing the Security Update After the Security Update is installed, it is a good idea to restart the Server.
KeePass 2.54 released

KeePass 2.54 released

Andres Bohren
Hi All, Lately KeePass was in the Press because of the Security Eploit below. Simple Security Exploit Allows Retrieval Of KeePass Master Password, Patch Inbound In short, KeePass 2.53 and earlier loads the master password into memory in plaintext when it is entered via the keyboard. This means all an attacker has to do is get their hands on a memory dump regardless of if that comes from “the process dump, swap file (pagefile.
Microsoft Defender for Office 365 Recommended Configuration Analyzer (ORCA) 2.5 released

Microsoft Defender for Office 365 Recommended Configuration Analyzer (ORCA) 2.5 released

Andres Bohren
Hi All, Just a few Hours ago, the Microsoft Defender for Office 365 Recommended Configuration Analyzer (ORCA) 2.5 was released to the PowerShell Gallery. PowerShell Gallery ORCA 2.5 Seems like some bugs have been closed ORCA Closed Issues Check installed Module and what’s available from the PowerShell Gallery Get-InstalledModule ORCA Find-Module ORCA Uninstall old Module and install the newest one from the PowerShell Gallery Uninstall-Module ORCA Install-Module ORCA Get-InstalledModule ORCA Check what commands are available in the Module