Barny-Bit-avatar
Barny-Bit 66 days ago
Barny-Bit has registered
Focus: Other systems - User group: Database Administrator.
32dentalcare-avatar
32dentalcare 66 days ago
32dentalcare has registered
Focus: Project Management and Agile Methods - User group: Marketing.
Barbara5-avatar
Barbara5 67 days ago
Barbara5 has registered
Focus: Business and System Integration - User group: Editor.
suneo09-avatar
suneo09 67 days ago
suneo09 has registered
Focus: E-Commerce and Online Marketing - User group: Developer.
ozan29-avatar
ozan29 68 days ago
ozan29 has registered
Focus: Business and System Integration - User group: Marketing.
Fintechnologies-avatar
Fintechnologies 70 days ago
Fintechnologies has registered
Focus: Web Development (Front-/Backend) - User group: Developer.
danielrichter1996-avatar
danielrichter1996 80 days ago
danielrichter1996 has registered
Focus: Development - User group: Developer.
Dani-avatar
Dani 82 days ago
Information
Windows and Office configuration support matrix
Support for Microsoft 365 Apps is defined by the Modern Lifecycle Policy, which requires customers to maintain an up-to-date configuration in order to stay in support. Support for non-subscription versions of Office is defined by the Fixed Lifecycle Policy, which offers a fixed term of support regardless of configuration.

2024-12-02 21_20_41

Source: Link


Regards,
Daniel
zimbosmurf-avatar
zimbosmurf 85 days ago
10 comments
Comment: Strange display problem, unsure if hardware or software, on Lenovo Yoga 13
I did update all drivers and BIOS using the vantage tool, behavior didn't change.

While the problem originally seemed to only appear in Visual Studio, during the investigation it turned out that it also appears in other applications like the file explorer.

Laptop is sent in for warranty now.
waltermarkus-avatar
waltermarkus 85 days ago
waltermarkus has registered
Focus: Server virtualization - User group: Administrator.
katuscat1-avatar
katuscat1 85 days ago
katuscat1 has registered
Focus: Security - User group: Software Tester.
Gremigio-avatar
Gremigio 86 days ago
6 commentsSolved
Comment: Freeradius and MYSQL
Thank you very much for the comment, I had those same settings but somehow it generated errors so I decided to configure it completely with the guide that you provided me and it worked for me.

Thank you very much
151081-avatar
151081 86 days ago
6 commentsSolved
Comment: Freeradius and MYSQL
The error message is clear and can be read in the log

screenshot

You have not modified the configuration to fit the needs for your database system. So open /etc/raddb/mods-enabled/sql and change the line dialect line to
dialect = "mysql"
and comment out the line with "rlm_sql_null" and remove the comment from the next line
#	driver = "rlm_sql_null" 
        driver = "rlm_sql_${dialect}"
Then inside the section sql {} add the correct connection details to your database
# server address
server = "localhost"  
# server port
port = 3306
# username 
login = "radius"  
# password 
password = "Passw0rd"  
# database name
radius_db = "radius"
Afterwards restart the radius service.
ukulele-7-avatar
ukulele-7 86 days ago
1 comment
Comment: Re-release of November 2024 Exchange Server Security Update packages
Quote from @ukulele-7:

I uninstalled the withdrawn update over the weekend (twice, for whatever reason). Then KB5037224 was installed immediately afterwards (Exchange 2019).

https://www.borncity.com/blog/2024/04/24/exchange-server-april-2024-hotf ...
This is a hotfix, but I'm assuming that KB5044062 has been withdrawn and that KB5037224 replaces it completely.

Exchange November Updates verursachen Probleme mit Transport Regeln!

Then I must have got it wrong, otherwise it would be a re-re-release or something. Lots of updates recently.

I had to install hotfix KB5037224 one or two days after KB5037224v1 was released and installed / uninstalled by me. So I guessed this might have been the hotfix in this case already - seems I was wrong.
objectways-avatar
objectways 86 days ago
objectways has registered
Focus: Business and System Integration - User group: Application Specialist.
firefly-avatar
firefly 87 days ago
Information
Malware Romcom exploits zero-day vulnerabilities in Firefox and Windows
Security researchers at Eset have discovered a serious threat that is currently being exploited in Germany and in US: A Russian hacker group is currently exploiting two new zero-day vulnerabilities in Windows to spread the "Romcom" malware.

"RomCom" (also known as Storm-0978, Tropical Scorpius, or UNC2596) is a dangerous piece of malware developed by Russian-Hackers that is attacking targets in Europe and North America. The malware can download additional malicious modules and execute commands on infected systems. It allows attackers to gain long-term access to compromised systems and exfiltrate data.

Affected are Firefox, the Tor browser, Thunderbird and Windows 11, Windows 10, Windows Server 2016, 2019, 2022, 2025.

Most critically, a simple visit to a compromised website is enough to infect. No user interaction (such as downloads or clicks) is required.

back-to-topRecommendation


Since the attackers exploit two vulnerabilities in combination, I recommend that you fix at least one vulnerability immediately. The Romcom malware can only spread if both vulnerabilities are present. Updating your Firefox version is very quick and easy. With Windows Update you should plan your timing better.

screenshot 2024-11-28 002131

back-to-topFirefox, Tor Browser, Thunderbird (the internal browser for viewing email)


Mozilla has fixed the bug CVE-2024-9680: Use-after-free in animation timeline on 9 October 2024 and released an update.

This means that all versions of Windows Firefox that were last updated before 9 October 2024 are affected.

Firefox (and software that uses the browser internally) should therefore be at least at these versions:

  • Firefox 131.0.2
  • Firefox ESR 128.3.1
  • Firefox ESR 115.16.1
  • Tor Browser 13.5.7
  • Tails 6.8.1 (a portable operating system that protects against surveillance and censorship)
  • Thunderbird 115.16
  • Thunderbird 128.3.1
  • Thunderbird 131.0.1

See also: Behind the Scenes: Fixing an In-the-Wild Firefox Exploit

The Tor Browser and Thunderbird should also be updated to the latest version.

back-to-topWindows 11, Windows 10, Windows Server 2016, 2019, 2022, 2025


Microsoft fixed the bug CVE-2024-49039 on 12 November 2024.

This bug is fixed in the following versions of Windows. It exists in all the versions below:

Windows 11:

  • Version 24H2 (Build 10.0.26100) for x64 and ARM64
  • Version 23H2 (Build 10.0.22631) for x64 and ARM64

Windows 10:

  • Version 22H2 (Build 10.0.19045) for 32-bit, x64, and ARM64
  • Version 1809 (Build 10.0.17763)
  • Basic version (Build 10.0.10240) for 32-bit

Windows Server:

  • Server 2025 (Build 10.0.26100)
  • Server 2022, 23H2 Edition (Build 10.0.25398)
  • Server 2019 (Build 10.0.17763)
  • Server 2016 (Build 10.0.14393.7515)
  • Server 2016 Crore (Build 10.0.14393.7515)

All updates fix the Elevation of Privilege vulnerability.

The appropriate security update for your version of Windows can be downloaded here.

Alternatively, you can use the automatic update feature.

I wish you good luck!

Regards
@firefly
Dani-avatar
Dani 87 days ago
Information1 comment
Re-release of November 2024 Exchange Server Security Update packages
Today we are re-releasing the November 2024 SUs for Exchange Server. The original release of these SUs (released on 11/12/2024) introduced an issue with Exchange Server transport rules stopping after a certain amount of time in some environments. The re-released SUs resolve this issue.

To help you understand how to move forward, in this post we use the following naming convention to distinguish between the original November 2024 SU and the re-release:
*Nov 2024 SUv1: original November 2024 SU (released on 11/12/2024 with article KB5044062)
*Nov 2024 SUv2: re-released November 2024 SU (released on 11/27/2024 with article KB5049233)

Read more: https://techcommunity.microsoft.com/blog/exchange/re-release-of-november ...
Gremigio-avatar
Gremigio 88 days ago
6 commentsSolved
Comment: Freeradius and MYSQL
I'm reviewing what you sent me since I finished the test. I'll let you know.

Thank you very much bro.
aqui-avatar
aqui 88 days ago
6 commentsSolved
Comment: Freeradius and MYSQL
Take a look at a local tutorial:
Freeradius with database and GUI which describes all steps in detail. Use a translator to read it in English or your language of choice. face-wink
In case you have the database on a separate server the most important config is under /etc/freeradius/3.0/mods-available/sql
Instead of "localhost" in the connection you have to setup the database IP address here. In case you need to encrypt the session you maybe want to activate all the TLS settings in the connection screenshot above. You should make sure that a ping between radius and database works and proofs a running IP connection. Database ports should be open in a firewall and in the database setting itself so that it accepts remote access. There are also some easy checks for a remote client connectivity:
https://mariadb.com/kb/en/configuring-mariadb-for-remote-client-access/

If database and Radius Server are on the same system (localhost) just follow the above tutorial!! This will bring things instantly to work.
So far the posted debug output looks quite ok for the Radius authentication itself but looks like there is no network (or local) connection to the database and therefor the user "user1" could not be looked up and fails authentication.
Gremigio-avatar
Gremigio 88 days ago
6 commentsSolved
Comment: Freeradius and MYSQL
In my case I have freeradius and mysql, the same Ubuntu operating system, and I have given all rights to the database.

When I perform the test from safe mode this is what I have
screenshot 2024-11-26 114911
NordicMike-avatar
NordicMike 88 days ago
6 commentsSolved
Comment: Freeradius and MYSQL
By default the MySQL Database is accepting local queries only. You have to grand privileges to the user@% (all localtions), then your radius server is not at the same computer like the database. If its a windows MySQL server then the TCPIP protocol is disabled by default in the MySQL server settings.
Dani-avatar
Dani 88 days ago
Information
Update on Exchange Server ADFS Modern Authentication support
We are pleased to provide an update regarding Exchange Server ADFS Modern Authentication support.

As of today, ADFS Modern Authentication is supported across all channels in Outlook within Microsoft 365 Apps. Additionally, this support extends to Outlook 2021 (Retail) and Outlook 2024. Our team is actively working on extending this support to additional platforms and clients.

We are happy to announce that ADFS Modern Authentication can now be utilized with the native Apple Mail application on macOS Sequoia and iOS 17.6.1 (or later).

Please note that supplementary configurations may be required for supporting additional clients. We have revised the documentation to outline the steps necessary for upgrading an existing ADFS Modern Authentication configuration.

Additionally, we have enhanced the documentation to simplify configuration processes by utilizing PowerShell commands instead of the graphical user interface. We have also increased the robustness of ADFS Modern Authentication setups.

The documentation is available at https://aka.ms/ExchangeADFSModernAuth.

Source: https://techcommunity.microsoft.com/blog/exchange/update-on-exchange-ser ...
Gremigio-avatar
Gremigio 88 days ago
Question6 commentsSolved
Freeradius and MYSQL
Hello,

I am working with freeradius and MYSQL. My goal is to authenticate users through the radius server with my users' database in mysql. I already have all the users created in mysql but when I try to establish an authentication I get the error that freeradius cannot establish the connection with the database.
em-pie-avatar
em-pie 88 days ago
10 comments
Comment: Strange display problem, unsure if hardware or software, on Lenovo Yoga 13
Quote from @StefanKittel:

Update the BIOS and Chipset too.
There is not much more you can do.

To keep the System up to date have a look at "Lenovo Vantage", available at Microsoft Store
When installed you can run a System update check. If there are any updates available, Vantage would install them.
StefanKittel-avatar
StefanKittel 88 days ago
10 comments
Comment: Strange display problem, unsure if hardware or software, on Lenovo Yoga 13
Update the BIOS and Chipset too.
There is not much more you can do.
zimbosmurf-avatar
zimbosmurf 88 days ago
10 comments
Comment: Strange display problem, unsure if hardware or software, on Lenovo Yoga 13
The problem is that the error appears rarely and is difficult to trigger.

I have finished the driver updates and was not able to reproduce the error since.
Currently my colleague who works with the notebook is trying to trigger it a bit more extensively.

Haven't tried a Live Linux yet.

My first thought was also bad soldering or problem with the display cable, but the problem appears (appeared?) even if you were moving the mouse cursor with a wireless mouse with absolutely no physical movement or pressure to the notebook.

I am hoping that the driver update fixed it.
terrafirma-avatar
terrafirma 88 days ago
terrafirma has registered
Focus: Windows server - User group: Administrator.
zida2k-avatar
zida2k 88 days ago
zida2k has registered
Focus: E-Commerce and Online Marketing - User group: Manager.
Spirit-of-Eli-avatar
Spirit-of-Eli 88 days ago
10 comments
Comment: Strange display problem, unsure if hardware or software, on Lenovo Yoga 13
Hey,

does the error occurs even if you boot an Linux live Stick?

Regards
Spirit
StefanKittel-avatar
StefanKittel 88 days ago
10 comments
Comment: Strange display problem, unsure if hardware or software, on Lenovo Yoga 13
Hello, I've seen such display errors with faulty GPU RAM.

When does this error appears?
BIOS? Linux Boot Stick? Windows safe mode?

Stefan
151081-avatar
151081 88 days ago
10 comments
Comment: Strange display problem, unsure if hardware or software, on Lenovo Yoga 13
Have seen a similar problem on a Lenovo, the problem was bad soldering of the GPU-Chipset so slight pressure on the keyboard or mouse pad leaded to theses horizontal lines because of motherboard bending. It was fixed by reballing the GPU chipset. Before sending to repair check the functionality under a live linux, if this problem does not appear here it's a software rather than a hardware problem..
zimbosmurf-avatar
zimbosmurf 88 days ago
10 comments
Comment: Strange display problem, unsure if hardware or software, on Lenovo Yoga 13
This problem was only brought to my attention today. I am currently updating drivers to see if that fixes the problem. But due to the short leftover warranty I wanted to ask immediately if anyone has seen this before...
cse-avatar
cse 88 days ago
10 comments
Comment: Strange display problem, unsure if hardware or software, on Lenovo Yoga 13
Hi,

might be a driver problem, have you ever updated driver of GPU and mother board?
kpunkt-avatar
kpunkt 88 days ago
10 comments
Comment: Strange display problem, unsure if hardware or software, on Lenovo Yoga 13
I've never come across this myself before.
It really looks as if this is a software error because it is so specific. However, it is also possible that the GPU is picking up something (frequency or whatever, or even just a cable error) with these two programmes, which then makes a hardware error visible on the display in combination with the GPU.
I would rather let Lenovo laugh and turn it into a warranty case.
zimbosmurf-avatar
zimbosmurf 88 days ago
Question10 comments
Strange display problem, unsure if hardware or software, on Lenovo Yoga 13
Hi!

We have one Lenovo Yoga 13 Notebook that shows some screen issues.

As you can see in the following images, there are orange "lines" appearing in the upper third of the screen sometimes:
img_8506
img_8504
img_8505

The strange things are:

- the lines are triggered by mouse pointer movement, not physical movement of the notebook or display hinge
- We can only trigger these lines in Microsoft Visual Studio, however, we can trigger them in Visual Studio 2013 as well as 2022

There are 5 days of warranty left on this device and I am afraid that Lenovo will laugh at me if I claim this as a warranty problem. It seems rather like a software- than like a hardware problem to me.

Has anybody else ever seen something like this before?
Makusu-avatar
Makusu 93 days ago
Makusu has registered
Focus: Networks - User group: Network Administrator.
mody200-avatar
mody200 93 days ago
mody200 has registered
Focus: Windows server - User group: Administrator.
Brahim-avatar
Brahim 94 days ago
Brahim has registered
Focus: Server in general - User group: Administrator.
Debra54-avatar
Debra54 95 days ago
Debra54 has registered
Focus: Blockchain/Cryptography - User group: Application Specialist.
terga09-avatar
terga09 96 days ago
terga09 has registered
Focus: Blockchain/Cryptography - User group: Cloud Architect.
M.Amalie-avatar
M.Amalie 98 days ago
4 commentsSolved
Comment: Migrate from Google WorkSpace to Office 365
Finally solved, I used Gs Richcopy 360, the Enterprise edition, it did the task very well
Thanks all for your help
verbasoft-avatar
verbasoft 99 days ago
verbasoft has registered
Focus: Web Development (Front-/Backend) - User group: Developer.
Sahra36-avatar
Sahra36 99 days ago
Sahra36 has registered
Focus: Windows in general - User group: Administrator.
rcdevs-avatar
rcdevs 99 days ago
13 comments
Comment: How about swapping password rotation fatigue for real-time leak detection?
Thank you, @c.r.s., for your pertinent answer! 😊
C.R.S.-avatar
C.R.S. 100 days ago
13 comments
Comment: How about swapping password rotation fatigue for real-time leak detection?
Quote from @rcdevs:

Is real-time leak detection the future of password management? What do you think?

No, because it confuses different threats and precautions, putting the latter into a context in which they are not effective.
Checking against known and weak password DBs is primarily a password quality measurement applied during password creation. It can be used for the suggested monitoring purpose, if it is considered that it detects password leaks with the considerable time delay that it takes to collect leaked passwords in the wild, that it should be expected to detect password re-use or mass psychology rather than leakage from the monitored source, and that traded leaked password databases are basically leftovers for which the skilled attacker who initially obtained the database has no further use.

Indeed, if you actually detect a data breach of the monitored source, an ad-hoc rotation (among other means) would counter that. Regular password rotation, on the other hand, is not meant to protect against such data breaches but to counter the time decay in confidentiality that affects passwords which are subject to systematic risk of disclosure, i.e. entered manually. These passwords are usually picked up through shoulder surfing or CCTV and never make it into a database release; and in most cases they are never used for malicious purposes, but with confidentiality as a key requirement for a password, you want to re-establish it from time to time.
kpunkt-avatar
kpunkt 100 days ago
13 comments
Comment: How about swapping password rotation fatigue for real-time leak detection?
What is a Showcase?
rcdevs-avatar
rcdevs 100 days ago
13 comments
Comment: How about swapping password rotation fatigue for real-time leak detection?
You asked, I replied.
Your comments aren't really relevant. face-smile
Other solutions, like Google and Apple, also offer similar features for personal accounts.
Would companies change their minds with this kind of feature... Here is the question
150940-avatar
150940 100 days ago
13 comments
Comment: How about swapping password rotation fatigue for real-time leak detection?
I told you so... self-promotion.
rcdevs-avatar
rcdevs 100 days ago
13 comments
Comment: How about swapping password rotation fatigue for real-time leak detection?
We implemented this in the OpenOTP server, but the purpose of the post was to gather feedback on whether it would be beneficial for companies and users (for users for sure) to replace the traditional password rotation routine with this type of mechanism.
150940-avatar
150940 100 days ago
13 comments
Comment: How about swapping password rotation fatigue for real-time leak detection?
So which system do you recommend?
PreviousMore