Zero day Vulnerability - Need immediate attention! Desktop Central Server might be compromised.
Dear Customer's, At ManageEngine, we consider security as our top priority. That’s why we bring it to your immediate attention, that some versions of Desktop Central Server contain an unauthenticated remote code execution vulnerability (originally reported by Steven Seeley of Source Incite). Since this vulnerability has been declared as "Zero Day - Vulnerability", we could see that some of the enterprises were targeted and few customers network compromised. Ever since this vulnerability was brought
not enough disk space to download patch? But yes there is...
I am evaluating Desktop Central. I have a patch (1909_x64.exe, a Win10 update?) that has failed to install with the message that there is not enough disk space to download the patch... 10GB required. But I have 219GB available on my drive where Desktop Central is installed. I have also confirmed that the patch repository is on that local drive. I had the same message earlier on a different patch, but it installed after a client and server reboot. Any ideas?
Stuck on 'validating image creator components'
I'm not sure why this is happening as it was working. I'm trying to image a devices and it always gets stuck on validating image create components and fetching partition details regardless of the device. I've confirmed no FW and AV is disables seems to be something going on the DC server. Any thoughts or how to troubleshoot?
Patches Tab is blank in build 10.0.513
We have an issue where when looking at a Systems Details via System in Threats & Patches, the patches tab is blank. I know systems have patches installed and or missing but the tab is blank. Is this issue isolated to me? or do others have same issue? I've tried Chrome, IE and Firefox with same result.
MS Patch id 28391 Windows7ESUchecker.exe fails to down load
Is anyone having issues with desktop central patch management failing to download Windows7ESUchecker.exe for patch ID 28391? I have even downloaded manually and the tried to upload it and I get a checksum error when I do.
Google Chrome releases stable version 80.0.3987.149
Hello folks, Google Chrome has recently updated the stable channel to 80.0.3987.149. This version comes with fixes for 13 security bugs, of which nine are rated High in severity. The CVE IDs of the patches released are as follows. CVE-2020-6422 CVE-2020-6424 CVE-2020-6425 CVE-2020-6426 CVE-2020-6427 CVE-2020-6428 CVE-2020-6429 CVE-2019-20503 CVE-2020-6449 Desktop Central now supports Google Chrome's latest version 80.0.3987.149 for Windows, Mac, and Linux. If you're looking to update
Critical vulnerabilities fixed in Adobe Reader and Acrobat
Hello folks, The lack of Adobe updates in the March Patch Tuesday might have come as a surprise to many of us. However a week from Patch Tuesday, Adobe has released updates to fix 13 vulnerabilities in Adobe Acrobat and Reader for Windows and macOS. 9 of them are rated 'Critical'. Affected versions These versions are applicable for both Windows and mac platforms Acrobat DC Continuous 2020.006.20034 and earlier versions Acrobat Reader DC Continuous 2020.006.20034 and earlier versions Acrobat
Powershell Rest API Interegation
Hi, Has anyone tried to invoke rest methods via powershell to pull data from Desktop Central? I am currently having issues sending the initial POST to get an authentication Key back as I have done with other REST API's. I mainly seem to be getting the below even with known correct credentials :- error_description : Username and password did not match message_type : authentication error_code : 10001 message_version : 1.0 status : error I can invoke a request to a URL that
MSSQL EXPRESS 2016/2019
Hi Guys, My company is trying ManageEngine DesktopCentral UEM Edition. I want to, and from the begining, install the Database on an MSSQL Server Express edition Raison ? Cause of the failover Server we will building later. We will manage between 400/500 computers + some Android tablets. So the question is, can I migrate the database from PostgreSQL to MSSQLExpress ? Thanks
Restrict server web access
Hi, To facilitate remote working, I have opened Desktop Central agent access to my organisation's VPN. However, I am concerned that this presents external users with a means to attempt to log in to the management console. I think it would be a good idea if there was a way to restrict access to the management console to specified IP addresses or subnets. Thanks!
Cloud version of DTC
I am researching cloud versions of DTC. We have DTC now, but am looking to go cloud based. Is there a cloud version of DTC? If there is not, is there a plan to have a cloud version of DTC soon?
Malicious Software Removal Tool x64 - Are you installing and auditing?
Hello all; I see that this particular piece of software really isn't needed in our environment. We utilize Sophos Endpoint with InterceptX. Are any of you deploying this item?
Domain Credential "..is invalid for the domain.."
When attempting to add a remote office I receive an Alert that the credential is invalid for the domain.
DC Secure Gateway Server Services is stopping after DC server upgrade
Hi, Recently we have upgraded DC server with the version 10.0.513 and secure gateway server version is 90075. After DC server update, ME secure gateway server services is keep on stopping and agents communication stopped.
OS deployment through software deployment in desktop central
Hello I want to upgrade a windows 7 to windows 10 through software deployment. so I followed the guid in this link https://www.manageengine.com/products/desktop-central/deploy-windows-10-how-to.html for windows 7 in-place upgrade to windows 10. but after i deploy package on windows 7 client, desktop central remarks "The operation completed successfully" and says that the configuration executed successfully. but when i login to windows 7 client it still remains in windows 7 and doesn't upgraded to
Desktop Central 10
So everyone knows, there seems to be a HUGE virtual memory leak in the Desktop Central 10 Windows agent 10.0.466.W. I installed this for evaluation 2 months ago, everything seemed great except I started getting issues with users almost daily having issues accessing my domain controllers and file servers (these were the servers I was administering with DC) I would have to reboot them every morning just to allow people to log in and then usually within a few hours the issue would be back. I chased
Add User - Access Denied
Manage 33 computers and have had no problem with 30 of them. 1 cannot be added for some reason. I get "Access Denied". I have read the referenced KB. The "Enable Distributed COM" was already enabled, the "Enable DCOM Internet Services" was not. What is an appropriate authentication level for each of the following. Select an appropriate authentication level - left this alone as it was already checked Select an appropriate impersonation level - was set at Identity.
Confusion over Product Numbers
I hate to admit it but I am totally confused as ManageEngine's product numbers. I am using the licensed version - currently 10.0.450. Reading the forum posts there are many references to problems existing in versions 10.0.466, 472, 473, 475, 476, 509, 510, and 511. The version that is being pushed right now is 10.0.478. Is 478 a "stable" release or does it suffer from the same problems as those others listed above? If it is "stable", then why aren't 509, 510, and 511? Honestly, I can not be the only
Windows 10 Version Upgrades
Good Morning, i am working on a project to upgrade all of our Windows 10 versions to the current 1909. I am having a problem with some of the previous versions when I apply the configuration. I am getting error "Patch stored location is not available to download the patch from the server." This is happening on the local LAN and on the WAN but I have only investigated locally. The local LAN is not using a distribution Server. I can view the download here -> "C:\ManageEngine\DesktopCentral_Server\webapps\DesktopCentral\store"
"Out-of-band" fix rolled out for the leaked Eternal Darkness bug
Hello folks, Earlier in March 2020 Patch Tuesday, Microsoft has announced a security advisory on an unpatched vulnerability in the SMBv3 protocol (CVE-2020-0796) with a temporary workaround in place. Now a fix is available for this vulnerability as KB4551762, for Windows 10, versions 1903 and 1909, and Windows Server 2019, versions 1903 and 1909. Microsoft strongly recommends that you install the updates for this vulnerability. In case you have applied the workaround published earlier and wish
Post Reboot Notifications
In my office environment there are hundreds of Windows computers that are running itself (without human intervention) which allow auto reboot after Windows patch deployed, I wonder if I can setup an email notification when a machine has been finished rebooting (both manual reboot or auto reboot).
"EternalDarkness" - unpatched SMB v3 compression RCE bug details leaked
Microsoft has announced in its security advisory the details of a remote code execution vulnerability(RCE), tracked as (CVE-2020-0796) in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles connections that use compression. This vulnerability has been named 'EternalDarkness' and 'SMBGhost', along the lines of the EternalBlue exploit that leveraged the SMB vulnerability to launch the 2017 WannaCry ransomware. Affected products: Product Version Windows Server Version
Patching Issue - Agent Down
I have server not be able to run patch as the agent status is down shown in Desktop Central. But when check on OpManager, the agent is working fine and up. Why this is happening? Can anyone help?
Install agent after macOS device is successfully activated
How would I go about getting the DC agent installed automatically after my MDM managed macOS computer is successfully activated and my profiles successfully applied? I can see the ME MDM application was installed and is running, showing an icon by the clock (top right).
How to push software when template is updated?
Hello.. I know how to create a software configuration and push them, and how to create packages from templates. What I don't understand how to do is for a software to get pushed to computers when the template is update with a new version. For example, I have client computers that install Amazon Workstations from the Self Service Portal. When the template is updated, the version on the Portal is updated automatically. But how can I tell Desktop Central to force install this new version on the client
Clearing Patch Status
Is there a quick way to reset/clear the patch status on some machines? I have several that were patches manually that are showing previous failures. These don't appear to clear so I was hoping to manually reset it.
Dell API update for Warranty fetch details
Dell has announced that the API to check for warranty details will be deprecated as on March 12, 2020. The new APIs for Dell has been released in build 10.0.479 and above. To continue to fetch warranty details in Desktop Central securely, follow the below given steps. 1. Log in to your Desktop Central console, click on your current build number on the top right corner. 2. You can find the latest build applicable to you. Download the PPM and update. Cheers, ManageEngine Team
March 2020 Patch Tuesday updates
Hello folks, Good day. Quick update on the March 2020 Patch Tuesday. New Security Bulletins : 2020-03 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB4541506) (ESU) 2020-03 Security Monthly Quality Rollup for Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB4540688) (ESU) 2020-03 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB4541510) 2020-03 Security Monthly Quality Rollup for Windows 8.1 and Windows Server 2012 R2 for
Critical vulnerabilities fixed in Mozilla Firefox 74 and Firefox ESR 68.6
March updates include two advisories from Mozilla, one for Firefox 74 and one for Firefox ESR 68.6, featuring 6 CVEs rated as high. Product Title CVE ID Severity Firefox 74 & Firefox ESR 68.6 Use-after-free when removing data about origins CVE-2020-6805 High Firefox 74 & Firefox ESR 68.6 BodyStream::OnInputStreamReady was missing protections against state confusion CVE-2020-6806 High Firefox 74 & Firefox ESR 68.6 Use-after-free in cubeb during stream destruction CVE-2020-6807 High Firefox 74
Error when uploading the Terms of Use in HTML for MDM
I'm trying to upload my own terms of use, in HTML format. In fact, I'm using a simple format <html> <body> <h1></h1> ... </body> </html> but, at the time of viewing the terms of use, there is an error in the mobile device and we cannot display it. Anyone else with a similar problem?
Mac OS Catalina installer fails to download
I'm trying to upgrade MacOS to Catalina. The link that DesktopCentral is using to download the file "installCatalina.tar.gz" is https://updates.cdn-apple.com/2018/091-99991-20181030-10052238-C103-11E8-A480-9257C82E983B/installCatalina.tar.gz. But that link just has a Access Denied page. (I'm on DC version 10.0.475) Thanks
March 2020 Patch Tuesday forecast
Look out for a more stable fix this Patch Tuesday for the botched Windows 10 updates 4524244 and 4502496 Microsoft pulled last month. With a huge number of CVEs fixed by Microsoft and a good deal of updates for Reader and Acrobat issued by Adobe last month, we hope March Patch Tuesday will spare us with a lighter set of updates. To save yourself the trouble of sorting them out, catch an early analysis on March Patch Tuesday updates and strategies on safe testing and stable rolling out of patches
Manage Engine Desktop Central agent enforcing specific type of browser only (silently Uninstall all non SOE)
My company has purchased Manage Engine Desktop central and deployed the agent in the production environment. In my previous experience with Microsoft SCCM, the agent can enforce only a specific list of browser that is allowed installed and running in the users PC like: Mozilla Firefox, Google Chrome, IE & Edge. Other than those white-listed browser, the agent will Uninstall it silently. is there any way in DesktopCentral v10 to enforce it that way? I look forward to your reply. Thanks.
Security Update - Ghostcat Vulnerability prevention for Desktop Central
A vulnerability with the name Ghostcat in Apache Tomcat (CVE 2020-1938), which is a third-party component used by Desktop Central was discovered by external security researchers of Chaitin Tech. This Ghostcat Vulnerability has been mitigated and has been released for ManageEngine Desktop Central. Follow the below given steps to prevent this vulnerability in Desktop Central Servers. Log in to your Desktop Central console, click on your current build number on the top right corner. You can find the
Desktop Central is still desperately lacking in patch/configuration job targeting...
This has been an issue for a good number of years now and, whilst DC appear to have made some changes (and even some improvements) to the way in which you are able to target jobs, there are still some pretty serious limitations and even some down-right failures in the way in which job targeting is handled. Here are a couple of posts, over at least the last six years, of examples where very specific requests for improvement have been made, with repeated "looking into it" and other non-committal responses:
Security Update - ManageEngine Desktop Central (Remote Code Execution - Fixed)
Hello Everyone, The remote code execution vulnerability in Desktop Central (CVE-2020-10189) has been fixed in build 10.0.479. The new hotfix is available at https://www.manageengine.com/products/desktop-central/service-packs.html For more information about the vulnerability, please visit https://www.manageengine.com/products/desktop-central/remote-code-execution-vulnerability.html Please contact support for any clarification or the assistance. Thank you.
Zero-Day Vulnerability - Desktop Central - March 6th, 2020
Is there any information regarding the zero-day vulnerability for Desktop Central that was announced today via the article: https://www.zdnet.com/article/zoho-zero-day-published-on-twitter/ ? Any guidance yet?
Critical PPP Daemon vulnerability opens up Linux systems to RCE attacks
Hello guys, The US-CERT has issued an advisory warning users of the new remote code execution (RCE) vulnerability CVE-2020-8597, affecting the PPPD (Point-to-Point Protocol Daemon) installed in almost all flavors of Linux based systems. Other than Linux systems, this vulnerability also affects few other networking applications and devices such as Cisco CallManager, TP-Link products, Synology, and OpenWRT Embedded OS. The vulnerability The vulnerability CVE-2020-8597 exists due to an error in
Need help with a query report
Hi, I need a query report for the usage of a metered software. But I need the report ignoring the file version and the computer. It should be like this: User Name | Rule Name | Usage Duration user xy acad.exe 7 day, 5 hours, 30 min The normal Users with metered software splits the time according to the Product Version (file version) Maybe someone can help me with creating a query report. Thx bye, Alf
The connection with the server has been terminated or an incompatible SSL protocol was encountered
Hi, Please could you help for the following error? The connection with the server has been terminated or an incompatible SSL protocol was encountered
Next Page