Security Notification: Syxsense Enterprise will assist to Automatically Remediate New Zero-Day Exploit in Microsoft Windows Support Diagnostic Tool

42
Secure Code Warrior and Okta collaborate to create a new solution to protect developer workflows

Syxsense, a global leader in IT and security management solutions, is offering organizations a free 14-day trial of its Syxsense Enterprise cloud-based endpoint and IT management platform, which includes a pre-built remediation for the newly discovered Microsoft Windows Support Diagnostic Tool (MSDT) remote code execution vulnerability (CVE-2022-30190).

Register for the free trail of Syxsense Enterprise here and remediate the MSDT remote code execution vulnerability quickly.

The MSDT flaw impacts all Windows versions receiving security updates and was reported by a member of the Shadow Chaser Group. It can be used to execute malicious PowerShell commands via MSDT as Arbitrary Code Execution (ACE) attacks when opening or previewing Word documents. According to Microsoft, “A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.”

Also Read: Four Roadblocks to Employing Password Less Authentication

“This new MSDT vulnerability yet again reminds us that having mechanisms in place to quickly and effectively remediate and patch endpoint vulnerabilities is key to a strong security posture,” said Ashley Leonard, Founder and CEO at Syxsense. “To help organizations mitigate this latest threat now, we’re upgrading all our Syxsense Secure customers to our Enterprise platform for 14 days so they can fix this issue quickly, and we’re offering any organizations a free 14-day trial so they too can solve this problem fast.”

Syxsense Enterprise is the industry’s first Unified Security and Endpoint Management (USEM) solution that addresses the three key elements of endpoint security – vulnerabilities, patch, and compliance. It layers on a powerful workflow automation tool called Syxsense Cortex™ that remediates and eliminates endpoint security weaknesses – all through a single cloud-based, drag and drop management interface, with hundreds of prebuilt workflows. This includes the ability to identify software vulnerabilities in both OS and 3rd party applications, misconfigurations from open ports, disabled firewalls, ineffective user account polices and more.

To learn more about the remediation of CVE-2022-30190, see this Syxsense video or download the free trial today at https://www.syxsense.com/start-a-free-trial-of-syxsense.

For more such updates follow us on Google News ITsecuritywire News