Desktop Central server hardening guidelines
Hi Folks, It is critical to stay protected and have a check on your organization's approach towards securing and managing the endpoints. This article suggests security guidelines to harden the ManageEngine Desktop Central software. These security suggestions
Secure your Desktop Central server from unauthenticated access!
Dear Customer's, At ManageEngine, we consider security as our top priority. That’s why we bring it to your immediate attention, that some versions of Desktop Central Server instances that were hosted as edge devices with weak password policies might be compromised (reported by BleepingComputer). A cyberthreat actor has claimed that the Desktop Central servers hosted as edge devices (publicly accessible) that do not have two-factor authentication enabled and use the default credentials to authenticate
Fixes to multiple vulnerabilities
Hello everyone, Greetings, Multiple vulnerabilities have been fixed and released in Desktop Central build 10.0.532. Here is the Knowledge Base article for your reference: https://www.manageengine.com/products/desktop-central/multiple-vulnerabilities-fix.html #securityupdate-dc If you need assistance, please reach us via desktopcentral-support@manageengine.com Kind regards, Desktop Central team
Zero day Vulnerability - Need immediate attention! Desktop Central Server might be compromised.
Dear Customer's, At ManageEngine, we consider security as our top priority. That’s why we bring it to your immediate attention, that some versions of Desktop Central Server contain an unauthenticated remote code execution vulnerability (originally reported by Steven Seeley of Source Incite). Since this vulnerability has been declared as "Zero Day - Vulnerability", we could see that some of the enterprises were targeted and few customers network compromised. Ever since this vulnerability was brought
Dell API update for Warranty fetch details
Dell has announced that the API to check for warranty details will be deprecated as on March 12, 2020. The new APIs for Dell has been released in build 10.0.479 and above. To continue to fetch warranty details in Desktop Central securely, follow the below given steps. 1. Log in to your Desktop Central console, click on your current build number on the top right corner. 2. You can find the latest build applicable to you. Download the PPM and update. Cheers, ManageEngine Team
ManageEngine launches Application Control Plus
We are thrilled to announce that we have introduced a brand-new application control and privilege management solution - Application Control Plus With Application Control Plus you can leverage the combined benefits of Least Privilege and Zero Trust principles to thwart application-related threats Features and Benefits Instant discovery of all running applications Trust-centric approach to application whitelisting Malware prevention by executable level blacklisting Varied flexibility modes to
Cyborg Ransomware reported!!
Hello All, A quick heads-up on the spreading cyborg ransomware phishing e-mails. It is not new that intruders make use of trending events to manipulate Internet users into cyber-attacks. Now that Windows has rolled-out its Vanadium 1909 feature pack update, what could be more trending in the cyber-space? So yes, Phishing e-mails are out seeking for victims. The e-mails come with subject lines like "Install Latest Microsoft Windows Update now!" or "Critical Microsoft Windows Update!". Just in
Endpoint Security, GDPR & more from ManageEngine's experts
We are happy to inform ManageEngine is conducting a one-day endpoint security seminar in London on 17, April 2018. We would like to have you on board, make use of this opportunity to connect with our Endpoint Security experts and get insights into GDPR compliance from an endpoint management perspective. Please find the agenda and registration link here Pls, share it with your peers too. Hoping to see you there.
Microsoft Patch Tuesday February 2018 updates
This month’s update includes patches for 50 vulnerabilities, along with patches for the infamous processor bugs Meltdown and Spectre. In addition to those patches, Microsoft has also released a patch for a recent zero-day vulnerability for Adobe Flash Player. This update was bundled along with Microsoft’s ADV180004 update last week. Read: https://blogs.manageengine.com/desktop-mobile/desktopcentral/2018/02/14/microsoft-patch-tuesday-february-2018-updates.html
Webinar: How to mitigate the Meltdown and Spectre bugs. (Register Now)
Meltdown and Spectre, two massive hardware bugs that exist in Intel, AMD, and ARM processors that are capable of exposing any sensitive data that is being processed in your countless desktops, laptops, and other devices. Attend this webinar, to know how these bugs exploit sensitive data and mitigate them right away. Agenda: Quick recap of the devastating intel bugs and their impacts. Understanding the difference between Meltdown and Spectre. Methods to mitigate Meltdown and Spectre. Webinar details:
Mitigation for Meltdown and Spectre exploit
Introduction to Meltdown and Spectre Meltdown and Spectre are two new hardware bugs that exist in Intel, AMD, and ARM processors and capable of exposing any sensitive data processed by countless computers and devices. Personal data like passwords, photos, emails, and even business-critical documents can be accessed and stolen. Read more. Exploits CVE-2017-5754 (Meltdown) and CVE-2017-5753 and CVE-2017-5715 (Spectre). Mitigation Bulletin ID: MS18-JAN1 ManageEngine patch management team have already
Microsoft Patch Tuesday December 2017 updates
Microsoft Patch Tuesday is here for December 2017 with 34 security updates, 2 key fixes for 7 different products. Patch now and stay safe to have a happy vacation ahead. Read more: https://goo.gl/2QUDRa
TeamViewer hacked: Here’s how to protect your systems
Hi there, TeamViewer can be exploited using a vulnerability allowing users to switch between viewer and presenter side, or remotely control the server. If you are using TeamViewer in your enterprise, do act now. Read more: https://goo.gl/2E65yX
Ensure your company is GDPR compliant using Desktop Central
While companies are working their way towards GDPR compliance, Desktop Central—our very own endpoint management solution—can help you keep your users' PII secure so you can stay GDPR compliant. Manage your servers, desktops, laptops, smartphones, and even tablets, all from one central location and maintain GDPR compliance for long time. Read more: https://www.manageengine.com/products/desktop-central/gdpr.html
Free webinar series: Securing your organization from cyber attacks
Join us for our free two-part webinar series to learn about the tools and techniques you need to secure your organization from cyber attacks. We'll be discussing the two-pronged approach - including both reactive and proactive measures - that'd help you secure your IT against the recently prevalent cyber threats. Register here: http://bit.ly/SecEntIT Part 1: Handling an attack | Thursday, July 20th, 2:30pm IST Part 2: Preventing attacks | Thursday, August 3rd, 2:30pm IST Click here for more details
KB4022719 - Causes Internet Explorer to print the blank pages.
Hello, Greetings from ManageEngine Desktop Central. End users may report a blank page print out of contents that opened in a Internet Explorer frame. The root cause for this issue is not a printer, but the recent monthly rollup deployed to Workstation running with Windows 7 SP 1 OS. The Microsoft yet to provide a solution to this issue and in case of fixing this issue is on a highest priority situation then you may consider to uninstall this update. The reason why I recommend you to uninstall on
Sambacry : Remote Code Execution Vulnerability in Linux
Hi Team, Nice to reach out amidst busy patching season. Here is yet another announcement on the new 'sambacry' vulnerability. What is "Sambacry"? Samba allows non-Windows operating systems, i.e. Linux Operating Systems to share network shared folders, files, and printers with Windows operating system. Samba is a Open-source software which extends SMB protocol to Linux. This runs on majority of the active Linux Operating System currently in use. A critical 'Remote Code Execution Vulnerability'
In-depth training on "Securing your Endpoints using Desktop Central"
Greetings from ManageEngine. The wave of WannaCry ransomware attacks affected a million users in 150 countries, waking up the wider world to the dangers of ransomware. To help your organisation prevent future threats, join us for an in-depth training on "Securing your Endpoints using Desktop Central" on May 25th scheduled at 11:30 EDT. Register using this link. Regards, Desktop Central Team
ManageEngine DesktopCentral's Initiatives on security front from the recent learnings
Dear all, We at ManageEngine DesktopCentral, put our best efforts to ensure the product is secure and protected from real-world threats that in-turn gives excellent customer satisfaction. With the recent happenings in the security front, we fell short in this commitment. My sincere apologies on behalf of the team for the frustration this has caused. The technical challenges that we faced this time and the approach has caused this situation. From the learning, we have taken our exertion to fix
Desktop Central Security Update release
Hi Folks, Greetings and New Year Wishes from ManageEngine. This security update resolves a vulnerability in Desktop Central which allows creation of users by remote code execution. An attacker who exploits this vulnerability could gain access to the Desktop Central web console for performing remote desktop management activities. For more details on this vulnerability, refer to here This vulnerability has been fixed in Desktop Central #build 90109. The current EXE available in the website includes