Suche
Beiträge, die mit update getaggt sind
Dienstälteste FritzBox erhält weiteres FritzOS-Update mit Optimierungen
Der älteste von AVM noch unterstützte Router erhält ein weiteres Funktionsupdate. Damit werden noch einmal bestehende Fehler behoben und Optimierungen im Bereich Internet und WLAN durchgeführt.Felix Krauth (WinFuture.de)
Apple patches first exploited iOS Zero-Day of 2025.Apple has released security updates to fix this year's first zero-day vulnerability, tagged as actively exploited in attacks targeting iPhone users. The zero-day tracked as [CVE-2025-24085], is a privilege escalation security flaw in Apple's Core Media framework.
https://support.apple.com/en-us/100100
#apple #update #ios #zeroday #coremedia #it #security #privacy #engineer #media #tech #news
![[ImageSource: Shutterstock]
The updates also address five security flaws in AirPlay, all reported by Oligo Security researcher Uri Katz, that could be exploited by an attacker to cause unexpected system termination, denial-of-service (DoS), or arbitrary code execution under certain conditions.
Google's Threat Analysis Group (TAG) has been credited with discovering and reporting three vulnerabilities in the CoreAudio component (CVE-2025-24160, CVE-2025-24161 and CVE-2025-24163) that may lead to an unexpected app termination when parsing a specially crafted file.
Apple has fixed the security issues in the following devices and operating system versions.
• iOS 18.3 and iPadOS 18.3 - iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
• macOS Sequoia 15.3 - Macs running macOS Sequoia
• tvOS 18.3 - Apple TV HD and Apple TV 4K (all models)
• visionOS 2.3 - Apple Vision Pro
• watchOS 11.3 - Apple Watch Series 6 and later](https://nerdculture.de/system/media_attachments/files/113/917/894/741/773/314/original/a4502e320d7426db.png "[ImageSource: Shutterstock]
The updates also address five security flaws in AirPlay, all reported by Oligo Security researcher Uri Katz, that could be exploited by an attacker to cause unexpected system termination, denial-of-service (DoS), or arbitrary code execution under certain conditions.
Google's Threat Analysis Group (TAG) has been credited with discovering and reporting three vulnerabilities in the CoreAudio component (CVE-2025-24160, CVE-2025-24161 and CVE-2025-24163) that may lead to an unexpected app termination when parsing a specially crafted file.
Apple has fixed the security issues in the following devices and operating system versions.
• iOS 18.3 and iPadOS 18.3 - iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
• macOS Sequoia 15.3 - Macs running macOS Sequoia
• tvOS 18.3 - Apple TV HD and Apple TV 4K (all models)
• visionOS 2.3 - Apple Vision Pro
• watchOS 11.3 - Apple Watch Series 6 and later")
Apple security releases - Apple Support
This document lists security updates and Rapid Security Responses for Apple software.Apple Support
AirPods: Offizielle Anleitung verrät, wie man Firmware-Updates startet
Die allererste Generation von Apples kabellosen Kopfhörern erschien bereits im Jahr 2016. Jetzt hat das Unternehmen allerdings zum ersten Mal den 'offiziellen Weg' verraten, auf dem Nutzer ein Firmware-Update starten können.Felix Krauth (WinFuture.de)
PowerToys: Update beschert Tool-Sammlung neues hilfreiches Modul
Die nützliche Tool-Sammlung erhält eine neue Funktion, die die Arbeit unter Windows erleichtert. Zudem werden etliche Probleme in Modulen wie FancyZones, PowerToys Run oder dem Textextraktor behoben.Felix Krauth (WinFuture.de)
Windows 11 24H2: Microsoft behebt Problem, Update-Sperre bleibt aber
Die neueste Version von Microsofts Betriebssystem macht immer noch allerhand Ärger. Jetzt behebt das optionale Januar-Update eines der vielen Probleme. Die Update-Sperre für Betroffene bleibt vorerst aber bestehen. Der Grund dafür ist noch unklar.Felix Krauth (WinFuture.de)
Epic Games Store fürs Handy: Gratis-Spiele jetzt auch für Android & iOS
Mit einem Update erhält der Epic Games Store auf Mobilgeräten endlich Leben. So können ab sofort auch Spiele von Drittanbietern über die App gekauft werden. Nach dem Vorbild auf dem PC werden zudem regelmäßig Spiele verschenkt.Felix Krauth (WinFuture.de)
Windows 11 24H2: Microsoft erleichtert Update für Windows-10-Nutzer
Microsoft ist weiterhin bemüht, mehr Windows-10-Nutzer von einem Wechsel auf Windows 11 zu überzeugen. In diesem Zug macht man jetzt den Update-Prozess deutlich einfacher. Ab sofort ist die Verwendung eines Installationsmediums nicht mehr notwendig.Felix Krauth (WinFuture.de)
ℹ️ Die WMS- und WMTS-Dienste enthalten nun den Stand der Datenlieferungen der Länder bis Anfang September 2024.
#update #frischeKarten#Karten #amtlich #basemap
FritzOS 8.03: AVM startet neues Update für ersten FritzBox-Router
Gleich zwei FritzBox-Modelle erhalten neue Firmware von AVM. Während für einen Router noch das Update auf FritzOS 8.02 bereitgestellt wird, ist das zweite Gerät mit FritzOS 8.03 schon eine Version weiter.Felix Krauth (WinFuture.de)
#MeineTimeline berichtet über Med-Fluencer, das sind Medizin-Influencer, die teilweise gefährliche Gesundheitstipps oder Halbwahrheiten verbreiten, Computerspendevereine, heute ist "Feiere-das-Leben-Tag", Linux auf alter Hardware und Nvidia empfiehlt ein dringendes Update.
Ich möchte ich noch mal genauer auf die #Computerspendevereine eingehen, ich finde das ja eine tolle Sache. Bedürftige Menschen, Menschen die #Armutsbetroffen sind, haben hierrüber die Möglichkeit, an Hardware zu kommen und somit auch am digitalen Leben teilzunehmen. @caos hatte da gestern eine schöne Übersicht zusammen gestellt:
Link: Überblick: Computerspendevereine
Außerdem, wie bereits erwähnt, hat Nvidia mehrere gefährliche Schwachstellen in seinen GPU-Treibern für Windows und Linux entdeckt. Diese Sicherheitslücken ermöglichen Angreifern den Zugriff auf sensible Daten und können zur Manipulation des Systems führen. Um die Gefahr zu bannen, hat Nvidia neue Treiber veröffentlicht, die die Sicherheitslücken schließen. Die neuen Treiber für Windows haben die Versionsnummern 553.62 und 539.19.
Link: PCs weltweit in Gefahr: Nvidia rät zu dringendem Grafikkarten-Update
Ich geh mir jetzt den 2. Kaffee holen, habt noch einen feinen Tag!
#gm, #GutenMorgen, #Spende, #Spenden, #Nvidia, #Treiber, #Hardware, #Schwachstelle, #Update
#Health #Healthcare #UnitedHealthcare #Luigi #LuigiMangione #BrianThompson #CEO #HumanRights #usa #america #canada #profit #stockprice #shooter #update #news #UniversalSinglePayerHealthcare #BernieSanders #corruption #WeAreStupid #WhatWouldTheFrenchDo #Politics #Corporatocracy #Oligarchy #Plutocracy #autocracy #ToxicCapitalism #Capitalism #Economics #Democracy #EatTheRich #NationalStrike
Neil Shooter on Substack
Does this help Americans put things into perspective? One health insurance company out of many? Just a “loss”. Not the value. Not the whole company. Not the whole revenue stream or profit margin. Just a “loss”.Substack
Windows 11 24H2: Weitere Update-Sperre dank Ubisoft-Patch entfernt
Immer noch sind jede Menge Safeguard Holds aktiv, die Nutzer daran hindern, ihr System auf die aktuelle Version von Windows 11 zu aktualisieren. Jetzt ist jedoch eines der ursächlichen Probleme behoben worden.Felix Krauth (WinFuture.de)
Core Ultra: Nächster Patch soll Intel-CPUs bis zu 97% schneller machen
Bei Intel versucht man alles, um die eigenen Core-Ultra-200S-Prozessoren noch zu retten. Ein weiteres BIOS-Update soll die Leistung der Desktop-CPUs jetzt endlich substanziell verbessern.Felix Krauth (WinFuture.de)
[
Sequoia 15.2]Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions.
https://www.microsoft.com/en-us/security/blog/2025/01/13/analyzing-cve-2024-44243-a-macos-system-integrity-protection-bypass-through-kernel-extensions/
#apple #macos #update #it #security #privacy #engineer #media #tech #news
![[ImageSource: Microsoft]
Storagekitd SIP-related Entitlements.
"System Integrity Protection (SIP) serves as a critical safeguard against malware, attackers, and other cybersecurity threats, establishing a fundamental layer of protection for macOS systems," Microsoft said now in a report that provides more technical details on CVE-2024-44243.
"Bypassing SIP impacts the entire operating system's security and could lead to severe consequences, emphasizing the necessity for comprehensive security solutions that can detect anomalous behavior from specially entitled processes."
Microsoft security researchers have discovered multiple macOS vulnerabilities in recent years. A SIP bypass dubbed 'Shrootless' (CVE-2021-30892), reported in 2021, also allows attackers to perform arbitrary operations on compromised Macs and potentially install rootkits.](https://nerdculture.de/system/media_attachments/files/113/849/542/427/926/335/original/fd3a96df722449c5.png "[ImageSource: Microsoft]
Storagekitd SIP-related Entitlements.
\"System Integrity Protection (SIP) serves as a critical safeguard against malware, attackers, and other cybersecurity threats, establishing a fundamental layer of protection for macOS systems,\" Microsoft said now in a report that provides more technical details on CVE-2024-44243.
\"Bypassing SIP impacts the entire operating system's security and could lead to severe consequences, emphasizing the necessity for comprehensive security solutions that can detect anomalous behavior from specially entitled processes.\"
Microsoft security researchers have discovered multiple macOS vulnerabilities in recent years. A SIP bypass dubbed 'Shrootless' (CVE-2021-30892), reported in 2021, also allows attackers to perform arbitrary operations on compromised Macs and potentially install rootkits.")
Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions | Microsoft Security Blog
Microsoft discovered a macOS vulnerability allowing attackers to bypass System Integrity Protection (SIP) by loading third party kernel extensions, which could lead to serious consequences, such as allowing attackers to install rootkits, create persi…Microsoft Threat Intelligence (Microsoft Security Blog)
Windows 11: Microsoft startet Zwangs-Update auf 24H2 für fast alle
Microsoft hat damit begonnen, Windows 11 24H2 auf kompatiblen Geräten automatisch zu installieren. Um das zu verhindern haben Nutzer lediglich die Möglichkeit, Aktualisierungen des Betriebssystems komplett zu pausieren.Felix Krauth (WinFuture.de)
Microsoft is warning of an issue when using a media support to install Windows 11 [version 24H2], that causes the operating system to not accept further security updates.
http://learn.microsoft.com/en-us/windows/release-health/status-windows-11-24h2#issues-might-occur-with-media-which-installs-the-october-or-november-update
#microsoft #windows #update #failures #it #security #privacy #engineer #media #tech #news
Windows 11, version 24H2 known issues and notifications
View announcements and review known issues and fixes for Windows 11, version 24H2learn.microsoft.com
#website #update
A fourth tab has been added on the front page.
https://pares.glosm.eu/index.php
Welcome page
GLOSM/PARES is a documentation website mainly focusing on the "war" in Gaza but in the context of international law. However, the website includes also the documentation regarding effects the "war" is causing, in particular in Western countries.GLOSM/PARES
Microsoft resolved 72 vulnerabilities in a variety of its products, including a zero-day [CVE-2024-49138 (CVSS score: 7.8)] that’s been exploited by attackers in the wild to execute code with higher privileges, and 16 critical vulnerabilities (all of which are remote code execution flaws).
https://msrc.microsoft.com/update-guide/releaseNote/2024-Dec
#microsoft #windows #update #it #security #privacy #engineer #media #tech #news
![It's worth noting that CVE-2024-49138 is the fifth actively exploited CLFS privilege escalation flaw since 2022 after CVE-2022-24521, CVE-2022-37969, CVE-2023-23376 and CVE-2023-28252 (CVSS scores: 7.8). It's also the ninth vulnerability in the same component to be patched this year.
The fact that CLFS has become an attractive attack pathway for malicious actors has not gone unnoticed by Microsoft, which said it's working to add a new verification step when parsing such log files.
The number of fixed bugs in each vulnerability category is listed below:
• 27 Elevation of Privilege Vulnerabilities
• 30 Remote Code Execution Vulnerabilities
• 7 Information Disclosure Vulnerabilities
• 5 Denial of Service Vulnerabilities
• 1 Spoofing Vulnerabilities
[This count does not include two Edge flaws that were previously fixed on December 5 and 6th.]](https://nerdculture.de/system/media_attachments/files/113/640/128/668/633/453/original/c83f6fda716e363d.jpeg "It's worth noting that CVE-2024-49138 is the fifth actively exploited CLFS privilege escalation flaw since 2022 after CVE-2022-24521, CVE-2022-37969, CVE-2023-23376 and CVE-2023-28252 (CVSS scores: 7.8). It's also the ninth vulnerability in the same component to be patched this year.
The fact that CLFS has become an attractive attack pathway for malicious actors has not gone unnoticed by Microsoft, which said it's working to add a new verification step when parsing such log files.
The number of fixed bugs in each vulnerability category is listed below:
• 27 Elevation of Privilege Vulnerabilities
• 30 Remote Code Execution Vulnerabilities
• 7 Information Disclosure Vulnerabilities
• 5 Denial of Service Vulnerabilities
• 1 Spoofing Vulnerabilities
[This count does not include two Edge flaws that were previously fixed on December 5 and 6th.]")
South Korea's parliament voted to block the president's martial law degree. What happens next?
The president must then notify the National Assembly of his decision — but if a majority of lawmakers vote to lift martial law, “the president shall comply,” according to the constitution.
The president’s cabinet must then “deliberate” and review the decision to lift martial law, according to the constitution.
Half-Life 2 is getting a major update in celebration of the classic title’s 20th anniversary. In addition to Steam Workshop support directly within the game, Valve has fixed bugs and restored some content, added new graphics settings, updated gamepad controls and a whole lot more.
https://www.half-life.com/en/halflife2/20th
#halflife2 #20th #anniversary #update #valve #retro #gaming #art #engineer #media #tech #news
![[ImageSource: Valve]
Valve says it also made massive updates to Half-Life 2’s maps, which will fix “longstanding bugs, restore content and features lost to time, and improve the quality of a few things like lightmap resolution and fog.” There’s a new option to play with the original launch day blood and fire effects as well, and Valve has updated Half-Life 2’s gamepad controls to “match” last year’s Half-Life 1 anniversary update.
<https://www.theverge.com/2023/11/17/23965754/half-life-25th-anniversary-update>
And finally Valve added 3.5 hours of new developer commentary within the game. The company also is printing an expanded second edition of the Raising the Bar book about the game’s development, which includes “the Half-Life 2 development story, with never-before-seen concept art from Episode One and Episode Two, along with ideas and experiments for the third episode that never came to be.” The book will return to print in 2025.
Maybe soon we’ll get Half-Life 3? Maybe?](https://nerdculture.de/system/media_attachments/files/113/577/684/200/655/584/original/8089c23e61417652.png "[ImageSource: Valve]
Valve says it also made massive updates to Half-Life 2’s maps, which will fix “longstanding bugs, restore content and features lost to time, and improve the quality of a few things like lightmap resolution and fog.” There’s a new option to play with the original launch day blood and fire effects as well, and Valve has updated Half-Life 2’s gamepad controls to “match” last year’s Half-Life 1 anniversary update.
<https://www.theverge.com/2023/11/17/23965754/half-life-25th-anniversary-update>
And finally Valve added 3.5 hours of new developer commentary within the game. The company also is printing an expanded second edition of the Raising the Bar book about the game’s development, which includes “the Half-Life 2 development story, with never-before-seen concept art from Episode One and Episode Two, along with ideas and experiments for the third episode that never came to be.” The book will return to print in 2025.
Maybe soon we’ll get Half-Life 3? Maybe?")
Half-Life 2 Anniversary Update
Experience Half-Life 2 all over again, with a brand-new commentary mode, improved graphics and gameplay options, Steam Workshop support, and more.Half-Life 2 Anniversary Update
#website #update: the page about how to use the website.
https://pares.glosm.eu/index.php/about-duplicates
How to use this website
GLOSM/PARES is a documentation website mainly focusing on the "war" in Gaza but in the context of international law. However, the website includes also the documentation regarding effects the "war" is causing, in particular in Western countries.GLOSM/PARES
Apple has released emergency security updates for macOS Sequoia that fix two zero-day vulnerabilities that “may have been actively exploited on Intel-based Mac systems”. As per usual, Apple didn’t share details about the attacks in which patched vulnerabilities are exploited.
[CVE-2024-44309 & CVE-2024-44308]
https://support.apple.com/en-us/121753
#apple #macos #update #it #security #privacy #engineer #media #tech #news
![Apple has transitioned to using Intel processors on Macs in June 2006 and stopped shipping them altogether in June 2023, after starting using its own silicon in 2020.
The two vulnerabilities “may have been actively exploited on Intel-based Mac systems”, but it’s unclear at this time whether that means that they can’t be exploited on Apple-based Macs.
[⚠️In any case, all MacOS Sequoia users should update their systems as soon as possible.⚠️]
CVE-2024-44309 affects WebKit, the browser engine used in the Safari web browser and all iOS and iPadOS web browsers, and can be triggered when it’s made to process maliciously crafted web content. It can enable a cross site scripting (XSS) attack.
CVE-2024-44308 affects JavaScriptCore (the built-in JavaScript engine for WebKit) and can likewise be exploited via maliciously crafted web content. It can lead to arbitrary code execution.
<Both vulnerabilities have been reported by security researchers Clément Lecigne and Benoît Sevens of Google’s Threat Analysis Group (TAG).>](https://nerdculture.de/system/media_attachments/files/113/550/115/235/161/948/original/b9eaecf4b0b1233b.jpeg "Apple has transitioned to using Intel processors on Macs in June 2006 and stopped shipping them altogether in June 2023, after starting using its own silicon in 2020.
The two vulnerabilities “may have been actively exploited on Intel-based Mac systems”, but it’s unclear at this time whether that means that they can’t be exploited on Apple-based Macs.
[⚠️In any case, all MacOS Sequoia users should update their systems as soon as possible.⚠️]
CVE-2024-44309 affects WebKit, the browser engine used in the Safari web browser and all iOS and iPadOS web browsers, and can be triggered when it’s made to process maliciously crafted web content. It can enable a cross site scripting (XSS) attack.
CVE-2024-44308 affects JavaScriptCore (the built-in JavaScript engine for WebKit) and can likewise be exploited via maliciously crafted web content. It can lead to arbitrary code execution.
<Both vulnerabilities have been reported by security researchers Clément Lecigne and Benoît Sevens of Google’s Threat Analysis Group (TAG).>")
About the security content of macOS Sequoia 15.1.1 - Apple Support
This document describes the security content of macOS Sequoia 15.1.1.Apple Support
Microsoft’s November Patch Update fixes 91 Windows security vulnerabilities, including 4 zero-days. The critical fixes address actively exploited flaws in Windows. It is strongly recommended that users apply these updates as soon as possible to mitigate possible security risks. Updates can be installed via Windows Update.
https://msrc.microsoft.com/update-guide/
#microsoft #windows #update #it #security #privacy #engineer #media #tech #news
Google fixed two actively exploited Android zero-day flaws as part of its November security updates, addressing a total of 51 vulnerabilities. Tracked as CVE-2024-43047 & CVE-2024-43093, the two issues are marked as exploited in limited, targeted attacks.
https://source.android.com/docs/security/bulletin/2024-11-01
#google #android #update #zerodays #it #security #privacy #engineer #media #tech #news
#gaza #jabalia #kamaladwan #who #icj #icc #ihl
🔴 The Middle East Monitor #update:
Source: MEMO
https://www.middleeastmonitor.com/20241030-siege-and-starvation-death-surrounds-palestinians-in-gaza/
Any sufficiently bad update is indistinguishable from a malicious attack
#CrowdStrike #Windows #Update as #CyberAttack