CIO Influence
CIO Influence News End-point Security

Security Alert: Automatic Remediate Zero-Day Exploit in MSDT with Syxsense Enterprise

Security Alert: Automatic Remediate New Zero-Day Exploit in MSDT with Syxsense Enterprise

Syxsense, a global leader in IT and security management solutions, is offering organizations a free 14-day trial of its Syxsense Enterprise cloud-based endpoint and IT management platform, which includes a pre-built remediation for the newly discovered Microsoft Windows Support Diagnostic Tool (MSDT) remote code execution vulnerability (CVE-2022-30190).

“This new MSDT vulnerability yet again reminds us that having mechanisms in place to quickly and effectively remediate and patch endpoint vulnerabilities is key to a strong security posture”

Register for the free trail of Syxsense Enterprise here and remediate the MSDT remote code execution vulnerability quickly.

Latest ITechnology News: Rafay Systems Launches Unified Kubernetes Operations Support for Converged Infrastructure

The MSDT flaw impacts all Windows versions receiving security updates and was reported by a member of the Shadow Chaser Group. It can be used to execute malicious PowerShell commands via MSDT as Arbitrary Code Execution (ACE) attacks when opening or previewing Word documents. According to Microsoft, “A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.”

“This new MSDT vulnerability yet again reminds us that having mechanisms in place to quickly and effectively remediate and patch endpoint vulnerabilities is key to a strong security posture,” said Ashley Leonard, Founder and CEO at Syxsense. “To help organizations mitigate this latest threat now, we’re upgrading all our Syxsense Secure customers to our Enterprise platform for 14 days so they can fix this issue quickly, and we’re offering any organizations a free 14-day trial so they too can solve this problem fast.”

Latest ITechnology News: Cerberus Sentinel Completes Acquisition of Creatrix

Syxsense Enterprise is the industry’s first Unified Security and Endpoint Management (USEM) solution that addresses the three key elements of endpoint security – vulnerabilities, patch, and compliance. It layers on a powerful workflow automation tool called Syxsense Cortex™ that remediates and eliminates endpoint security weaknesses – all through a single cloud-based, drag and drop management interface, with hundreds of prebuilt workflows. This includes the ability to identify software vulnerabilities in both OS and 3rd party applications, misconfigurations from open ports, disabled firewalls, ineffective user account polices and more.

Latest ITechnology News: New Consumption-Based IoT Pricing Model from Blues Wireless Replaces Competitor Subscription Models

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

US Signal Partners with Cato Networks

PR Newswire

Reposify Raises $8.5Million Seed Round Tackling the Security Threats from Unknown Internet-Facing Assets

CIO Influence News Desk

Authomize Cloud Identity and Access Security Platform Now Available on Microsoft Azure Marketplace

CIO Influence News Desk

Leave a Comment