News from KW31.2025

New week, new happiness: nine contributions from the week of 28.7 – 3.8 (KW31-2025). Favourite articles filleted and prepared, two of them spicily seasoned, exactly to my taste: the ‘news of the week’.

ToolShell Reloaded | HBD Win10 | GG-WP-SCII | StopKillingGames | UniFiOS LegacyCloudKI | ABPvsSpringer | Gotham-in-BaWü | ransomware report


Article 1

New week, new SharePoint worries

The ToolShell exploits are apparently still highly dangerous, and some of the security measures of the last few days could probably be defeated by a single slash.

SharePoint vulnerabilities: Microsoft's incomplete patches allow for more attacks

Current cyberattacks on Microsoft SharePoint systems show serious weaknesses in Microsoft's patch management. The so-called ‘ToolShell’ attacks use zero-day gaps that were discovered in May at the Pwn2Own hacking competition in Berlin.

The main problem: Microsoft's July 8 patches were incomplete and frighteningly easy to bypass. Kaspersky researchers have shown that even a single additional slash in the URL was enough to break the protection. This created two new vulnerabilities (CVE-2025-53770 and CVE-2025-53771).
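Why a single extra slash can defeat a rule that compares request paths as raw strings, and how to spot such variants in logs: this is an added example, not code from Microsoft, Kaspersky or the linked articles. The monitored path, the log format and the case-insensitive matching are constructed assumptions, not details of the real ToolShell bypass.

```python
"""Added example: a raw-string path rule versus a canonicalising one."""
import posixpath
import re
from urllib.parse import unquote

# Constructed placeholder path, NOT a real SharePoint endpoint.
MONITORED = {"/app/protected.aspx"}

# Constructed sample log lines: "<method> <request-target> <status>".
SAMPLE_LOG = [
    "POST /app/protected.aspx 403",
    "POST /app/protected.aspx/ 200",
    "POST /app//protected.aspx 200",
    "POST /APP/protected.aspx%2F?x=1 200",
    "GET /app/public.aspx 200",
]


def naive_match(target: str) -> bool:
    """The fragile check: exact string comparison on the path as it was sent."""
    return target.split("?", 1)[0] in MONITORED


def canonical_path(target: str) -> str:
    """Reduce a request target to one canonical form before any rule is applied."""
    path = target.split("?", 1)[0].split("#", 1)[0]
    # Decode repeatedly so double-encoded characters (%252F) cannot survive.
    for _ in range(3):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    path = path.replace("\\", "/")
    path = re.sub(r"/{2,}", "/", path)      # collapse repeated slashes
    if not path.startswith("/"):
        path = "/" + path
    path = posixpath.normpath(path)          # resolves "." / "..", drops trailing slash
    # Assumption: the server treats paths case-insensitively.
    return path.lower()


def canonical_match(target: str) -> bool:
    """The robust check: compare only after canonicalisation."""
    return canonical_path(target) in MONITORED


def find_evasions(lines):
    """Return request targets that reach a monitored path but slip past the naive rule."""
    evasions = []
    for line in lines:
        parts = line.split()
        if len(parts) != 3:
            continue  # not in the constructed three-field format
        _method, target, _status = parts
        if canonical_match(target) and not naive_match(target):
            evasions.append(target)
    return evasions


if __name__ == "__main__":
    for hit in find_evasions(SAMPLE_LOG):
        print("rule mismatch, review this request:", hit)
```

Requests that only match after canonicalisation are worth alerting on in their own right, since ordinary clients rarely send such variants.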

Timeline:

7 July: The First Attacks Begin

8 July: Microsoft releases incomplete patches

  1. July: Large-scale attack wave starts

20-21 July: Microsoft finally closes all the gaps

Particularly explosive: One of the vulnerabilities is very similar to a gap in Visual Studio that was patched as early as 2020 (CVE-2020-1147), suggesting that similar attacks may have worked undetected for years.

Eye Security identified over 400 compromised systems over the weekend. Microsoft blamed the attacks on three Chinese hacker groups, which also smuggled in ransomware via ToolShell.

The latest heise.de article on the topic, from 31.7, also examines the issue in detail – in particular Microsoft’s salami tactics and the otherwise thin factual situation.

Conclusion: The case shows once again how important complete and carefully tested security updates are – and how dangerous half-hearted patches can be.


Article 2

Happy Birthday Windows 10

Tröööööööt

29 July 2015 – 14 October 2025
“Here is the ‘last’ Windows – spoiler alert: it was not.”
"End of support, upgraded but never forgotten."
“I'll be offline...”

Today we celebrate Windows 10’s 10th birthday – and at the same time we are preparing to say goodbye to a loyal digital companion who has accompanied us through a decade.

The Life and Work of Windows 10

Windows 10 was born as the ‘last Windows’ Microsoft would ever develop. Ha! How sweet was that naivety. It should live forever, constantly evolve and accompany us forever. Well, ‘eternal’ in the tech world is probably about 10 years.

The biggest achievements:

  • The start menu comeback: After the Vista disaster and Windows 8 tile confusion, it brought back the beloved Start Menu with a modern twist
  • Cortana: Microsoft's brave attempt to keep up with Siri and Google Assistant (Spoiler: didn't quite work out, but props for the try)
  • Windows updates: Forced updates that came whenever you needed them the least – usually 5 minutes before important presentations
  • Edge browser: The browser you used to download Chrome
  • DirectX 12: Gaming has finally been taken seriously again. YAY!

The indispensable idiosyncrasies:

  • Mysterious restarts in the middle of the night
  • The famous ‘Please wait, we'll set up some things for you’ screens
  • Automatic driver updates that sometimes broke more than repaired
  • The ability to reach 100% CPU usage out of the blue

The approaching end

On October 14, 2025, Microsoft will discontinue support for Windows 10. Yes, you read that correctly – the ‘last Windows’ is retiring and making room for Windows 11, which waves TPM chips and new hardware requirements around like a bouncer in front of an exclusive club.

Millions of computers then become ‘legacy systems’ – a fancy term for ‘too old for the new stuff, but too good for the trash’.

In loving memory

Windows 10, you weren't perfect. You were sometimes annoying, often stubborn, and occasionally unpredictable. But you were OUR annoying, stubborn and unpredictable operating system. <3

You carried us through home office marathons, enabled gaming sessions into the early hours of the morning and were there when we learned that ‘zoom fatigue’ is a real word.

Last words

‘May your task manager respond forever, your updates never come at the wrong time and your Blue Screen of Death sleep in perpetual peace.’


This is how we all live in peace – until Windows 12 comes along and explains to us why we should have skipped Windows 11.

To the next 10 years of digital chaos!


Article 3

Source: https://de.wikipedia.org/wiki/Datei:Starcraft2_logo_v2.png

Happy 15th Birthday, Starcraft II – GG WP
Legendary RTS!

27 July 2010 - Eternal in our hearts

15 years have passed since StarCraft II: Wings of Liberty captured our screens on July 27, 2010 and once again captivated millions of gamers after BroodWar and W3TFT. You're not just a game – you've always been our e-sports king!

Hall of Fame Achievements:

  • Korean god mode: Made Korean players gaming legends
  • APM Monster: Taught us that 300+ actions per minute are normal
  • Zerg Rush Kekeke: Chaos in under 5 minutes
  • Micro vs. Macro: The Eternal Gamer Philosophy
  • "Hell, it's about time!" – The phrase that shaped a generation

The Wings of Liberty Intro still gives me goosebumps 15 years later. Could be because this bass at the Blizzard stand at GamesCom 2009 has eaten into my guts.

The Holy Trinity:

  • TERRAN: What am I going to shoot for, sir?
  • PROTOSS: Teleportation: It's successful.
  • ZERG: We need more overlords.

What you taught us:

  • Multitasking at the professional level
  • Crazy APM
  • That ‘Easy AI’ is sometimes not so easy
  • Korean Pro Gaming is a Different League
  • Hotkeys are life
  • ‘En Taro Adun!’ It just sounds epic

You've shaped generations of gamers, written esports history, and proven that RTS never goes out of style!

My life for Aiur... and for another 15 years of StarCraft addiction!

Interested or in the mood? I got you covered! More info here:
PROTOSS POWER! ZERG SWARM! TERRAN DOMINION!

#StarCraft2 #RTS4Life #YouMustConstructAdditionalPylons


Article 4

One last chance: The Stop Killing Games Initiative

The Stop Killing Games petition, one of the most important campaigns in recent video game history, will end on 31 July 2025.

This initiative has drawn the attention of millions of players worldwide to a pressing problem: The destruction of video games. But what exactly is this about and why is this petition so important?

What's behind Stop Killing Games?

The Stop Killing Games initiative was launched to protest against the practice of game developers and publishers ‘killing’ their own games, i.e. shutting down their online services. This usually applies to games that do not have an independent offline component and thus become completely unplayable after the shutdown. Activists argue that this is not only a disregard for buyers, but also a destruction of cultural heritage. After all, video games, just like movies or music, are part of our culture. When a game disappears, a piece of history is lost.

The petition calls, inter alia, for the application of Article 17(1) of the Charter of Fundamental Rights of the European Union and for further legislation that prevents games from being removed from the market. It suggests that publishers must pass the source code and server emulations to archives or the community before shutting down the servers. This ensures that the games can be continued and archived by the players themselves.

On the movement's website there is a detailed FAQ on its motives and objectives.

The importance of the Stop Killing Games movement

The movement has kicked off a broad discussion about the responsibility of publishers and developers. When a player buys a game, does he only buy a limited-time license? Or does he have a right to have the game playable in the future? These questions have become increasingly relevant with the rise of pure online games (such as MMOs or loot shooters).

Another argument is the preservation of gaming heritage. Many of the games threatened by server shutdown are milestones in game history. If they disappear, the next generation of players will no longer be able to have these experiences. The Stop Killing Games movement aims at the long-term accessibility of games, to save them from oblivion.

What happens now that the petition ends?

Even if the petition ends on July 31, the battle is far from over. The collected signatures send a strong signal to industry and politics. The initiators plan to submit the petition to the relevant institutions in order to maintain the pressure.

In addition, the movement has shown that the players have a strong voice. Many publishers have already responded to the pressure and tried to find solutions. For example, some have released the source code of older titles or announced that they would at least develop an offline mode for their games. Even if these are only small steps, it is a sign that the attitude in the industry is changing.

And how is this petition supposed to save games now?

Here I quote the FAQ directly:

If companies are threatened with penalties for destroying copies of games they have sold, this behavior is very likely to be curbed. If a company is forced to allow customers in just one country to keep their games, it becomes a trivial problem for them to implement these fixes worldwide. For example, if it were illegal in France to destroy a game you bought, companies patching the game would likely apply that patch worldwide.

A comparison to this process is how the ACCC in Australia forced Valve to offer refunds on Steam; Valve eventually offered them worldwide.

Conclusion:

The fight to preserve video games is not a noble goal for some, but there are obviously millions of people in the EU Member States alone who care about it. The petition may be over now, but the awareness it has created remains. It remains to be seen what the EU will do with it. But this is a call to all of us not to watch silently when our favorite games of today could have disappeared tomorrow. It is a reminder that we as players also have power and that this power can be used to create a better, more sustainable gaming industry.

Source: https://x.com/playoverwatch/status/714482954039197696 && https://x.com/PlayOverwatch/status/1120417504193593345

Article 5

Ubiquiti introduces a new version of its UniFiOS server, this time completely locally installed.

After Microsoft’s helpful statement ‘If your SharePoint ran in our cloud instead of on-premises, you would not be affected by ToolShell now’, which will certainly push a few more into cloud solutions that are probably not strictly necessary, this is a welcome change.

The article introduces the new UniFi OS Server, a solution for managed service providers (MSPs) and enterprises that enables them to run UniFi network applications on their own hardware. This includes servers, virtual machines and edge appliances, giving users full control over their resources and data.

Benefits of full local hosting:

Reliability: UniFi OS can also be operated without an internet connection, which ensures predictable performance.

Full control: You have complete control over CPU, memory and storage space.

No restrictions: The self-hosted version offers all the features of the latest UniFi technologies, such as InnerSpace and Site Magic SD-WAN, without any restrictions.

No royalties: There are no license or subscription costs.

Data sovereignty: By hosting on your own hardware, the data remains local and under your control, which simplifies compliance with data protection regulations.

Scalability: The solution can centrally serve multiple customer locations and can be easily integrated into existing infrastructures for backup, monitoring and DevOps.

Is it Christmas today?


Article 6

The future of IT: A balancing act between legacy, cloud and AI – lessons learned from the Lünendonk study

Digital transformation has become a central issue for companies in all industries. But many face a paradoxical situation:

I stumbled over this article at Golem.de: While the demand for more agility and data-driven processes is growing, their IT landscapes are still shaped by legacy systems that have grown over time. The Lünendonk study 2025 illuminates this area of tension and shows that the pressure to modernise is increasing significantly.

The pressure to modernize is increasing: Why old systems are reaching their limits

The results of the study make the need for action clear: 62 % of the companies surveyed indicate that parts of their business-critical applications no longer meet current and future requirements and need to be renewed. Technical limitations in existing systems have a negative impact on the business and digitalization strategy of more than half of the companies.

The main drivers of this modernisation need are manifold:

  • Security and regulation: For 97 % of respondents, increased security and regulatory requirements are an important driver. Legacy systems often have vulnerabilities and are more vulnerable to cyberattacks.
  • Loss of knowledge and shortage of skilled workers: Half of the companies no longer ensure the operation and further development of legacy systems in the medium term. This is due to dwindling know-how and demographic change. One third of companies find it difficult to assess the value and potential of their legacy systems due to a lack of documented knowledge.
  • Maintenance and costs: The maintenance and servicing of legacy systems is no longer supported by manufacturers or causes rising costs.

It is interesting to note that the need for modernisation is not necessarily limited to age-old systems. Nearly two-thirds (63 %) of the business-critical applications to be modernized are only 5 to 10 years old. Faster innovation cycles and changing market demands mean that even younger applications are quickly becoming obsolete.

The role of the cloud: From a "massive shift" to a strategic decision

The cloud is a central pillar of IT modernization. The study speaks of a ‘massive shift’ to the cloud. Many companies rely on hybrid models that combine cloud and on-premise components to combine innovation, control and security. Also at heise.de you will find an article on the subject. When choosing cloud providers, price stability, customer-oriented pricing and billing models and collaboration on an equal footing are crucial.

An important finding of the study is that even cloud solutions are not ‘modern’ per se. At 90 % of the companies surveyed, there is a need for modernization in cloud-based applications. This shows that what matters is how well cloud solutions support current and future business needs.

AI as an accelerator: Transformation instead of hype

Artificial intelligence, in particular generative AI, is not excessive hype, but a ‘transformation accelerator’. Instead of manual analysis, AI enables the automated evaluation of complex legacy systems. It helps to analyze dependencies, document logics and identify weak points. This allows technical bottlenecks to be overcome more quickly and modernisation processes to be made more efficient. Organizations see the greatest value from AI in detecting vulnerabilities, understanding program logic, and documenting legacy systems.

Conclusion: Modernization as a continuous process

The Lünendonk study makes it clear that IT modernization is not a one-off technical task, but a strategic necessity. It is a continuous adaptation process that takes into account technological, economic and regulatory changes. Success depends on integrative planning that combines technological, organizational and cultural aspects.
A ‘one size fits all’ approach does not exist. Instead, companies must choose a strategy that meets their individual operational requirements and strategic ambitions.


Article 7

BGH-judgment on advertising blockers: Copyright grey area revealed in ad blockers

The Bundesgerichtshof (Federal Court of Justice, BGH) has made an important decision on the copyright admissibility of advertising blockers in its judgment in Advertising Blocker IV (Az. I ZR 131/23).

Press release No. 148/2025 of the Federal Court of Justice of 31 July 2025

The ruling shows that the legal assessment of ad blockers is more complex than previously thought and raises new questions about the protection of websites as computer programs.

The case at a glance

At the heart of the dispute is the Axel Springer Verlag as plaintiff, which operates several online portals, against Eyeo GmbH, the provider of the well-known advertising blocker ‘Adblock Plus’. The publisher filed its new lawsuit in 2019, after the BGH had previously, in 2018, declared the general use of advertising blockers admissible in an action brought by Springer. The applicant still sees the ad blocker as a violation of its copyright claims on the websites.

The technical situation is complex: When users visit a web page, the browser loads HTML files and creates various data structures (DOM node tree, CSS structures) from them, which are finally merged into a rendering tree structure. The ad blocker intervenes in these structures and ensures that advertising elements are not displayed.

The applicant’s legal position

The publishing house argued that its websites should be classified as computer programs within the meaning of Paragraph 69a(1) of the UrhG on the basis of the control elements contained therein. The DOM and CSS structures generated by the browser are expressions of this programming and share their copyright protection.

Specifically, the applicant accused the defendant of:

  • Unauthorised reproductions under Section 69c(1) UrhG
  • Unauthorised conversions under Section 69c(2) UrhG

Yes, right, both links take you to the same law, but I linked dejure.org once and gesetze-im-internet.de once.

The BGH decision: Back to square one

The BGH partially annulled the appeal judgment of the Hamburg Higher Regional Court and referred the case back to the Court of Appeal ‘for further findings’. This decision is remarkable because it shows that the lower instances have not sufficiently appreciated important aspects and represents a partial success for Axel Springer.

Key Criticisms of the BGH

In particular, the BGH criticised:

Unclear subject-matter: The court of appeal had not clearly determined which specific subject-matter was concerned and which features justifying protection were present.

Incomplete technical assessment: The specifics of browser technologies have not been sufficiently taken into account. Virtual machines such as browsers do not work with object code, but with byte code, which in turn creates object code.

Possible copyright protection: The BGH clarified that ‘it cannot be ruled out that the byte code or the code created by it is protected as a computer program and that the advertising blocker has interfered with the exclusive right to do so by means of reworking or altering reproduction’.

Importance for practice

This decision has far-reaching implications for various actors:

For website operators: The ruling potentially strengthens the position of publishers such as Axel Springer and other website operators. After years of unsuccessful competition lawsuits, the copyright approach opens up new perspectives. It shows that under certain circumstances websites can be qualified as copyrighted computer programs, which opens up new defenses against ad blockers.

For advertising blocker providers: Legal uncertainty is increasing significantly. Providers of ad blockers such as Eyeo now have to reckon with the fact that their software interferes with copyrighted programs and triggers corresponding claims. The BGH ruling represents a turning point after Adblock Plus had so far won all legal disputes.

For users: The decision could affect the availability or functioning of ad blockers in the long term if the case law develops in favour of the website operators.

For lawyers: The ruling highlights the need for a detailed technical analysis of copyright disputes in the digital domain.

Classification in the previous case-law

The judgment is the fourth in the BGH’s ‘advertising blocker’ series and shows the ongoing debate of the judiciary on this issue. The years of litigation between Axel Springer and Eyeo have already gone through several legal levels.

Background to the dispute: Axel Springer has been trying to stop Adblock Plus legally for years. With a competition lawsuit, the publisher had already been unsuccessful before the Federal Court of Justice in 2018. At that time, the Federal Court of Justice did not regard Eyeo's offer as unfair competition or an unlawful aggressive commercial practice. The decision on the use of the advertising blocker lies with the user of the websites and not with the defendant company, according to the BGH at the time.

After the competition law approach had failed, Axel Springer changed strategy and sued on the basis of copyright in 2019 – with the partial success now available.

The decision is in line with the tendency of case law to interpret the copyright protection of software widely. At the same time, however, it also shows the limits when it comes to the exact determination of the subject-matter of protection.

Technical implications

Particularly interesting is the emphasis of the BGH on the technical peculiarities of browser engines. The distinction between object code and byte code could become groundbreaking for future decisions in the field of software copyright.

The finding that virtual machines such as browsers are controlled by bytecode, which in turn creates object code, shows the complexity of modern web technologies and their legal evaluation.

What Affected People Should Do Now

As a user of ad blockers, you can sit back and relax and maintain the current status quo. This decision requires content providers, as well as providers of technical measures to block advertising, to reconsider their strategies.

Outlook: What's next?

The referral back to the Higher Regional Court of Hamburg means that the final clarification is still pending. The court of appeal must now make detailed findings on the technical processes and the copyright-relevant aspects.

Further proceedings on this topic are expected in the future. The decision could also affect other browser extensions that interfere with the presentation of web pages.

Conclusion

The BGH judgment ‘Ad blocker IV’ marks an important turning point in the legal assessment of ad blockers. While the final decision is still pending, the judgment already shows that the copyright dimension of advertising blockers must not be underestimated.

The ‘pro choice’ BGH decision of 2018 means that every user can decide for himself whether he uses ad blockers, while content providers can in return decide whether they still grant access to users with blockers. This arrangement, which has been the de facto standard for the last 7 years, now seems to be at least wobbling.

The decision highlights the need for differentiated technical and legal analysis when evaluating software that interferes with existing computer programs. It could become groundbreaking for the further development of copyright in the digital age.


Article 8

Baden-Württemberg introduces controversial Palantir software for the police

After a long political dispute, the Green-Black coalition in Baden-Württemberg has agreed on the introduction of Palantir’s US analysis software ‘Gotham’.

As it-daily.net, among others, reports, from the second quarter of 2026 the police in the southwest will be able to use it to take action against criminals, terrorists and abusers.

What can the software do?

‘Gotham’ has been developed specifically for security agencies and is already used by intelligence services, military and police worldwide. The program can automatically evaluate and link millions of data from various police databases and surveillance material. It reveals connections between people, places and events that would take days manually – with the software in just a few minutes.
Important: The software only has access to existing police data, but does not collect any new ones. However, for example, data from witnesses can also be linked to completely different cases.

Success in other federal states

Bavaria, Hesse and North Rhine-Westphalia are already relying on the Palantir software with impressive results. In Bavaria, the program has been used 97 times since September, with around 200 trained analysts working with it. In NRW, ‘Gotham’ helped to reveal the identity of a man who allegedly abused a 13-year-old girl, using only a nickname and a phone number with fake data.

Why the controversy?

The software is criticized for several reasons:

  • Data protection: Critics fear that police data could flow into the US and warn against excessive data collection. Although the Fraunhofer Institute did not find any hidden backdoors in the code, the Society for Civil Liberties is still suing in the Constitutional Court.
  • Peter Thiel: The Palantir co-founder is known for his libertarian, right-wing conservative positions and his closeness to Donald Trump. Many Europeans see it as critical to make security-relevant infrastructure dependent on US companies. The Ministry of the Interior, however, argues that Thiel holds only about seven percent of the company's shares.
  • Legal basis: The police had already concluded a five-year contract without an exit clause before the legal basis was created – a point that was particularly criticised by the Greens.

Control and security

To alleviate concerns, special safeguards have been agreed:

  • Parliamentary supervision by the supervisory body of the Landtag
  • Regular IT security reports
  • Operation exclusively in secured German data centers under police authority
  • Separated from the public network
  • Exclusion of access by foreign authorities

Costs and future plans

The contract costs 25 million euros over five years, payments start as early as autumn – without an exit clause. However, Interior Minister Thomas Strobl (CDU) stressed that Palantir was only an ‘intermediate solution’ and ‘bridge technology’. A cooperation with Airbus Defence and Space and Schwarz Digits is to develop a sovereign European alternative in the long term.

The political compromise

The initially skeptical Greens finally agreed after extensive control mechanisms were agreed. Prime Minister Kretschmann argued that the software could prevent worse in acute danger situations. The complex implementation is expected to take around three years – the same time it took Bavaria to implement it.


Article 9

Ransomware 2025: Fewer attacks, but more companies pay ransom

The latest findings of the Sophos report "State of Ransomware 2025" show a worrying development: As the number of cyberattacks decreases, the willingness of companies to pay ransom increases.

On security-insider.de I read the following: Almost one in two companies in the world has already paid, in Germany as many as 63 percent. You can see an increased willingness to pay, but comparatively moderate sums.

The international comparison reveals interesting regional differences. At 63 percent, German companies show an above-average willingness to pay ransoms, but pay comparatively moderate amounts. The average ransom demand in Germany was 600,000 dollars (~525,000 euros), the actual payments were 412,000 dollars (~360,000 euros). In the UK, on the other hand, demands of $5.37 million were made and $5.20 million were paid, while in Italy the demands amounted to $4.12 million and $2.06 million were paid.

Negotiation success: Companies reduce ransom payments

A positive development can be seen in the growing negotiating power of the companies. More than half (53 percent) now pay less than originally demanded. In Germany, this was achieved by 47 percent of the companies concerned, and in Switzerland by as many as 65 percent.

The figures speak a clear language: The average ransom demand fell by a third internationally, while actual payments fell by 50 percent. This suggests that companies are learning to deal with ransomware situations more professionally.

Vulnerabilities remain the main gateway

Despite all the technological advances, the causes of successful attacks remain appallingly constant. For the third year in a row, exploited vulnerabilities were the most common technical cause of ransomware attacks. Forty percent of all victims reported that attackers exploited unknown security vulnerabilities; in Germany the figure was 45 percent.

These figures highlight the ongoing difficulties faced by companies in fully surveying and securing their attack surface.

Personnel shortages as a critical risk factor

In addition to technical weaknesses, resource problems prove to be a decisive factor. Sixty-three percent of the companies surveyed worldwide confirmed that resource scarcity contributed to the successful attack.

German companies are even above this average at 67 percent. This is another reason why measures such as NIS2, KRITIS, DORA and others are right and important to channel resources into security.

Particularly serious is the lack of expertise in larger companies (over 3,000 employees), while smaller companies (251-500 employees) suffer mainly from staff shortages.

Light at the end of the tunnel

Despite the worrying willingness to pay, there are also positive developments. 44 percent of all attacks are stopped before data can be encrypted. This shows that monitoring functions and early detection through tools such as XDR (Extended Detection and Response) are increasingly being used.

Protection strategies for the future

Sophos recommends companies take a multi-layered approach:

Technical measures:

  • Systematic vulnerability remediation
  • Special anti-ransomware protection for all devices
  • Regular backup tests and data recovery exercises

Organisational measures:

  • Creation and regular updating of incident response plans
  • 24/7 monitoring by internal teams or external MDR providers
  • Investments in specialist staff and further training

Conclusion:

A double-edged sword: the current numbers paint a mixed picture. While the technical protection measures are effective and fewer attacks are successful, the high willingness to pay remains problematic. From a cybercriminal perspective, average payments of $1 million mean that ransomware remains a lucrative business.

Companies must therefore invest more in preventive measures instead of relying on negotiation skills in the event of an emergency. Only through a combination of technical excellence, sufficient human resources and professional preparation can the ransomware risk be sustainably minimized.

This time there is also a short, crisp TL;DR


So, now only the well-known colleague with the Asian roots and clever sayings is missing. No, not Mr. Miyagi – this is another construction site. I'm talking about IT security. CISO Sun-Tsu says this week:

The greatest victory is without struggle!

Optimize your IT infrastructure so that vulnerabilities are fixed in advance and attacks cannot be successful in the first place. Prevention is better than reaction.