"EternalDarkness" - unpatched SMB v3 compression RCE bug details leaked
Microsoft has announced in its security advisory the details of a remote code execution vulnerability(RCE), tracked as (CVE-2020-0796) in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles connections that use compression. This vulnerability has been named 'EternalDarkness' and 'SMBGhost', along the lines of the EternalBlue exploit that leveraged the SMB vulnerability to launch the 2017 WannaCry ransomware. Affected products: Product Version Windows Server Version
Patching Issue - Agent Down
I have server not be able to run patch as the agent status is down shown in Desktop Central. But when check on OpManager, the agent is working fine and up. Why this is happening? Can anyone help?
Install agent after macOS device is successfully activated
How would I go about getting the DC agent installed automatically after my MDM managed macOS computer is successfully activated and my profiles successfully applied? I can see the ME MDM application was installed and is running, showing an icon by the clock (top right).
How to push software when template is updated?
Hello.. I know how to create a software configuration and push them, and how to create packages from templates. What I don't understand how to do is for a software to get pushed to computers when the template is update with a new version. For example, I have client computers that install Amazon Workstations from the Self Service Portal. When the template is updated, the version on the Portal is updated automatically. But how can I tell Desktop Central to force install this new version on the client
Clearing Patch Status
Is there a quick way to reset/clear the patch status on some machines? I have several that were patches manually that are showing previous failures. These don't appear to clear so I was hoping to manually reset it.
Dell API update for Warranty fetch details
Dell has announced that the API to check for warranty details will be deprecated as on March 12, 2020. The new APIs for Dell has been released in build 10.0.479 and above. To continue to fetch warranty details in Desktop Central securely, follow the below given steps. 1. Log in to your Desktop Central console, click on your current build number on the top right corner. 2. You can find the latest build applicable to you. Download the PPM and update. Cheers, ManageEngine Team
March 2020 Patch Tuesday updates
Hello folks, Good day. Quick update on the March 2020 Patch Tuesday. New Security Bulletins : 2020-03 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB4541506) (ESU) 2020-03 Security Monthly Quality Rollup for Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB4540688) (ESU) 2020-03 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB4541510) 2020-03 Security Monthly Quality Rollup for Windows 8.1 and Windows Server 2012 R2 for
Critical vulnerabilities fixed in Mozilla Firefox 74 and Firefox ESR 68.6
March updates include two advisories from Mozilla, one for Firefox 74 and one for Firefox ESR 68.6, featuring 6 CVEs rated as high. Product Title CVE ID Severity Firefox 74 & Firefox ESR 68.6 Use-after-free when removing data about origins CVE-2020-6805 High Firefox 74 & Firefox ESR 68.6 BodyStream::OnInputStreamReady was missing protections against state confusion CVE-2020-6806 High Firefox 74 & Firefox ESR 68.6 Use-after-free in cubeb during stream destruction CVE-2020-6807 High Firefox 74
Error when uploading the Terms of Use in HTML for MDM
I'm trying to upload my own terms of use, in HTML format. In fact, I'm using a simple format <html> <body> <h1></h1> ... </body> </html> but, at the time of viewing the terms of use, there is an error in the mobile device and we cannot display it. Anyone else with a similar problem?
Mac OS Catalina installer fails to download
I'm trying to upgrade MacOS to Catalina. The link that DesktopCentral is using to download the file "installCatalina.tar.gz" is https://updates.cdn-apple.com/2018/091-99991-20181030-10052238-C103-11E8-A480-9257C82E983B/installCatalina.tar.gz. But that link just has a Access Denied page. (I'm on DC version 10.0.475) Thanks
March 2020 Patch Tuesday forecast
Look out for a more stable fix this Patch Tuesday for the botched Windows 10 updates 4524244 and 4502496 Microsoft pulled last month. With a huge number of CVEs fixed by Microsoft and a good deal of updates for Reader and Acrobat issued by Adobe last month, we hope March Patch Tuesday will spare us with a lighter set of updates. To save yourself the trouble of sorting them out, catch an early analysis on March Patch Tuesday updates and strategies on safe testing and stable rolling out of patches
Manage Engine Desktop Central agent enforcing specific type of browser only (silently Uninstall all non SOE)
My company has purchased Manage Engine Desktop central and deployed the agent in the production environment. In my previous experience with Microsoft SCCM, the agent can enforce only a specific list of browser that is allowed installed and running in the users PC like: Mozilla Firefox, Google Chrome, IE & Edge. Other than those white-listed browser, the agent will Uninstall it silently. is there any way in DesktopCentral v10 to enforce it that way? I look forward to your reply. Thanks.
Security Update - Ghostcat Vulnerability prevention for Desktop Central
A vulnerability with the name Ghostcat in Apache Tomcat (CVE 2020-1938), which is a third-party component used by Desktop Central was discovered by external security researchers of Chaitin Tech. This Ghostcat Vulnerability has been mitigated and has been released for ManageEngine Desktop Central. Follow the below given steps to prevent this vulnerability in Desktop Central Servers. Log in to your Desktop Central console, click on your current build number on the top right corner. You can find the
Desktop Central is still desperately lacking in patch/configuration job targeting...
This has been an issue for a good number of years now and, whilst DC appear to have made some changes (and even some improvements) to the way in which you are able to target jobs, there are still some pretty serious limitations and even some down-right failures in the way in which job targeting is handled. Here are a couple of posts, over at least the last six years, of examples where very specific requests for improvement have been made, with repeated "looking into it" and other non-committal responses:
Security Update - ManageEngine Desktop Central (Remote Code Execution - Fixed)
Hello Everyone, The remote code execution vulnerability in Desktop Central (CVE-2020-10189) has been fixed in build 10.0.479. The new hotfix is available at https://www.manageengine.com/products/desktop-central/service-packs.html For more information about the vulnerability, please visit https://www.manageengine.com/products/desktop-central/remote-code-execution-vulnerability.html Please contact support for any clarification or the assistance. Thank you.
Zero-Day Vulnerability - Desktop Central - March 6th, 2020
Is there any information regarding the zero-day vulnerability for Desktop Central that was announced today via the article: https://www.zdnet.com/article/zoho-zero-day-published-on-twitter/ ? Any guidance yet?
Critical PPP Daemon vulnerability opens up Linux systems to RCE attacks
Hello guys, The US-CERT has issued an advisory warning users of the new remote code execution (RCE) vulnerability CVE-2020-8597, affecting the PPPD (Point-to-Point Protocol Daemon) installed in almost all flavors of Linux based systems. Other than Linux systems, this vulnerability also affects few other networking applications and devices such as Cisco CallManager, TP-Link products, Synology, and OpenWRT Embedded OS. The vulnerability The vulnerability CVE-2020-8597 exists due to an error in
Need help with a query report
Hi, I need a query report for the usage of a metered software. But I need the report ignoring the file version and the computer. It should be like this: User Name | Rule Name | Usage Duration user xy acad.exe 7 day, 5 hours, 30 min The normal Users with metered software splits the time according to the Product Version (file version) Maybe someone can help me with creating a query report. Thx bye, Alf
The connection with the server has been terminated or an incompatible SSL protocol was encountered
Hi, Please could you help for the following error? The connection with the server has been terminated or an incompatible SSL protocol was encountered
Desktop Central 4.76 AD Sync
Has anyone experienced the missing AD Sync in Desktop Central 10.0.476.. I found a back way of doing it but the page does not look right in Chrome (latest version) http://clerkwsus:8020/som.do?actionToCall=addComputers
ManageEngine launches Application Control Plus
We are thrilled to announce that we have introduced a brand-new application control and privilege management solution - Application Control Plus With Application Control Plus you can leverage the combined benefits of Least Privilege and Zero Trust principles to thwart application-related threats Features and Benefits Instant discovery of all running applications Trust-centric approach to application whitelisting Malware prevention by executable level blacklisting Varied flexibility modes to
updated to build 10.0.475 from 10.0.450 last Friday and servers have been generating errors ever since, 725 thousand events per day
updated to build 10.0.475 from 10.0.450 last Friday and servers have been generating errors ever since, 725 thousand events per day We we did not have these errors before the agents updated on the servers. The errors logging are: Application popup: cmd.exe - System Error : The program can't start because MSVCP100.dll is missing from your computer. Try reinstalling the program to fix this problem. Application popup: cscript.exe - System Error : The program can't start because MSVCP100.dll is missing
Software Deployment Configuration settings Reboot Policy: Allow User to skip Reboot...
Hi Guys & Gals, I have a software deployment policy created to deploy some Adobe software. The reboot policy is set to allow users to skip the reboot process. However, if the users are not at their PC, when the package has completed deploying the software, the systems appear to still be rebooting. Copied from the policy summary page (Showing the packages reboot policy): Reboot Policy: Allow user to skip Reboot [exclude servers] Copied directly from the Install/Uninstall Status page for the system
Moving DC server between domains...
Hi, As a part of migrating a client from Windows SBS 2011 to Windows Server 2019, I am in the process of changing a company's DNS from non-routable (domain.local) to a routable name (domain.net), as per Microsoft's current best practices for domains. Do you guys have any guides of KB articles for the steps we would need to take to move a DC server from the old name space to the new one, please? Cheers, David.
Windows 10 Taskbar settings via DC - How To ??
Hi All! I need deploy some taksbar template (it's pack of several ent.applications) fow Windows 10 for all my PCs. How to ?? http://odarchuk.com
Not showing Logged On User
BEfore i open a ticket, I would like to know what I can do on my end to attempt to resolve the issue. We have a few dozen machines that are online, show online. Show recently completed scan dates and times. Yet they don't show who is logged on to them. We have physically verified computers A, B, C and D are in use by users. Those same computers do not show anyone as being logged in in the dashboard or in the reports of Desktop Central. The client is up to date, the last scan date, and boot time
Network and Wireless Adaptor Mac Address
Hi, How can i report network and wireless adaptor mac address query Thank you
Error UNEXPECTED KERNEL MODE TRAP in Windows 10 1909
Hi I am using the free version of Desktop Central build 10.0.469 and when installing the agent remotely or locally on a desktop with Windows 10 Pro for Workstation build 1909 just installed this gives an error UNEXPECTED KERNEL MODE TRAP and restarts again and again But in windows 10 1903 this does not happen? regards
Copy a folder and then change permissions
I have a Configuration which successfully copies a directory and its contents from a network share to a local PC. But one folder needs to be open for users to write to once they start the application it is associated with. I need to update the permissions after copy so that the user group Users can read and write to this directory. Thanks!!
Google Chrome critical updates
Hello folks, On February 24, Google released a new stable channel update 80.0.3987.122, for Windows, Mac, and Linux. This was done to address several vulnerabilities in Google chrome. There were 3 security updates released out of which CVE-2020-6418 is rumored to be exploited in the wild. Google further affirms this saying that they were aware this exploit existed in the wild and could have been exploited as a zero-day. List of the security updates released: CVE-2020-6407: Out of bounds memory
Deploying Office 2019 but need Office 2016 removed first.
Office 2019 along with Visio & Project 2019 cannot be deployed if the 2016 or any prior versions of Office is still installed. Including the command <RemoveMSI /> or <RemoveMSI All="True" /> to the config.xml file as stated by Microsoft to remove the older versions during installation is there but it does not remove prior versions office/visio/project. What other means is there to upgrade the users to Office 2019 that successfully removes the older versions of Office?
Remote Session - Darken Screen
I'm curious if there is a way to change what the "Darken Screen" option actually shows when on a remote session. Often times a user will just think the computer is off or frozen so they'll attempt a hard shutdown of the computer. It'd be beneficial if we could change this to a splash image of our choosing. That way we can put a generic "Help Desk is currently remoted onto this computer" message to display on the screen with number for them to call if needed.
Android Bulk User Assignment via. EMM - Possible?
We're going to be deploying a few hundred phones with EMM (QR Code). We've tested the process, it seems to work fine. However, the one snag is that we have to assign each phone to the user manually. Luckily, these will all be assigned to a single, generic user account. Is there any way to automate this? Currently, as each phone is enrolled, the user would have to call into the IT Helpdesk and have the phone assigned. We've looked at bulk/CSV methods, but they don't seem to apply to EMM enrollment
How to create dynamic group by hardware criteria?
Hi there! We really like custom dynamic groups, but we'd like to create by one of hardware criteria. Our company have some old workstations and some of updates drops them to bsod. It would be very good idea to collect this workstations to custom group dynamicaly. What's your solution about this situation?
Issues Since Latest Patch - Characters Not Displaying Correctly, Lost our LDAP certificate ability
Since the latest patch to 10.0.476 on our Windows Server the characters displayed in the "Software Deployment" > "Package Details" information page are not correct...The backslashes in the file path are showing as "\\" Rather than \\ This is the same for all of the software packages... If you click on "Actions" > "Modify" to open up the package for changes, the characters all display correctly. as far as the LDAP SSL cert goes...I'm not sure if it was originally set up to be used, or if
Communication Problem between Client and Server
Hello I have following problem. I have installed Desktop Central Agent on a machine. After installing agent from Desktop Central Server it is performing Inventory Scan and in Inventory section the Scan Status is Success. When I am trying to scan system from Desktop Central Server it gives me following error "The network name cannot be found." And although remote tools such as remote connection, processes, etc not working. Briefly, communication from Client side working, but from Server side not.
Its possible to separate the computers that a user can take control?
Hi guys, I was wondering that if there is a chance for me to decide if one user can take remote control of some computers and the other users can take control of other computers. Im trying to give a user permission to take control over SOME computers but not to ALL the computers that i have in my system. Can someone help me solving this?
Proper way to remove a distribution server and remote office
I have 3 distribution servers and there corresponding remote office that are no longer needed as these sites have been closed. is there a proper way to remove both the DS and remote site? currently there still shows agents in these remote offices but none on the agent are currently live and will not be live in these locations. what happens when i delete the remote office with agents in it? Please let me know if there is a proper order to deleting remote office and DS with non live agents in
Error Occurred
Hi, When ever i try to update profiles or distrubate apps, I get this Error (See attached file) I've had this error before but a quick reboot fixed it. Now the error stays when I reboot. Any advice? Thanks in advance, Yorick
How to exclude or block all further patches for 1 program?
I feel like this must be easy, but I'm having trouble finding it. We need to stop Desktop Central from pushing any patches out for a particular program, MySQL Connector Net. Can I do this and where? We have a test + approve group set up, and I can see a section to exclude specific programs from this (not sure if doing this just forgoes testing and pushes it anyway), but I don't see a place to exclude it in just general patch management. Thanks in advance!
Next Page