Automatically Remediate New Zero-Day Exploit in Microsoft Windows Support Diagnostic Tool with Syxsense Enterprise

By AIT News Desk On Jun 3, 2022

Get access to Syxsense Enterprise free of charge for 14 days with no device limits to remediate MSDT remote code execution vulnerability, CVE-2022-30190

Syxsense, a global leader in IT and security management solutions, is offering organizations a free 14-day trial of its Syxsense Enterprise cloud-based endpoint and IT management platform, which includes a pre-built remediation for the newly discovered Microsoft Windows Support Diagnostic Tool (MSDT) remote code execution vulnerability .

Latest Aithority Insights: Top Skills Needed to Become an AI Engineer

“This new MSDT vulnerability yet again reminds us that having mechanisms in place to quickly and effectively remediate and patch endpoint vulnerabilities is key to a strong security posture”

Register for the free trail of Syxsense Enterprise here and remediate the MSDT remote code execution vulnerability quickly.

The MSDT flaw impacts all Windows versions receiving security updates and was reported by a member of the Shadow Chaser Group. It can be used to execute malicious PowerShell commands via MSDT as Arbitrary Code Execution (ACE) attacks when opening or previewing Word documents. According to Microsoft, “A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.”

Data Privacy and Security: Chicago Public Schools Suffers Major Data Breach Affecting 100K Accounts

“This new MSDT vulnerability yet again reminds us that having mechanisms in place to quickly and effectively remediate and patch endpoint vulnerabilities is key to a strong security posture,” said Ashley Leonard, Founder and CEO at Syxsense. “To help organizations mitigate this latest threat now, we’re upgrading all our Syxsense Secure customers to our Enterprise platform for 14 days so they can fix this issue quickly, and we’re offering any organizations a free 14-day trial so they too can solve this problem fast.”

Syxsense Enterprise is the industry’s first Unified Security and Endpoint Management (USEM) solution that addresses the three key elements of endpoint security – vulnerabilities, patch, and compliance. It layers on a powerful workflow automation tool called Syxsense Cortex™ that remediates and eliminates endpoint security weaknesses – all through a single cloud-based, drag and drop management interface, with hundreds of prebuilt workflows. This includes the ability to identify software vulnerabilities in both OS and 3^rd party applications, misconfigurations from open ports, disabled firewalls, ineffective user account polices and more.

Top Machine Learning Insights: LivePerson Collaborates with UCSC to Build the Future of Natural…

[To share your insights with us, please write to sghosh@martechseries.com]