[Free webinar] Remediate the gaps in your data access governance with efficient IAM strategies
Are you continuously looking for measures to make your data access governance foolproof? This webinar will help you identify the shortcomings of your data access governance, and tackle them using effective IAM strategies. Reserve your spot! April 22| 2:00 PM AEST| 2:00 PM GST | 11:00 AM EDT This webinar will help you get a deeper
Password Manager Pro new build 10404
Hi, Password Manager Pro 10404 has been released and is now available for download. We have upgraded our security framework with this release. Please see our Release Notes for detailed information. How to Upgrade to Build 10404? If you are an existing customer of Password Manager Pro, download the upgrade pack from the following page: https://www.manageengine.com/products/passwordmanagerpro/upgradepack.html IMPORTANT NOTE: Please save a copy of the entire Password Manager Pro installation folder
Patch Tuesday April 2020 - updates breakdown
Hello guys, Here is a quick breakdown of the April Patch Tuesday updates New Security Bulletins : 2020-04 Servicing Stack Update for Windows Server 2019 and Windows 10 Version 1809 (KB4549947) 2020-04 Servicing Stack Update for Windows 10 Version 1607 and Windows Server 2016 (KB4550994) 2020-04 Servicing Stack Update for Windows 10 Version 1903 and Windows Server, version 1903 (KB4552152) 2020-04 Servicing Stack Update for Windows 10 Version 1909 and Windows Server, version 1909 (KB4552152) 2020-04
Patch Tuesday April 2020 - updates breakdown
Hello guys, Here is a quick breakdown of the April Patch Tuesday updates New Security Bulletins : 2020-04 Servicing Stack Update for Windows Server 2019 and Windows 10 Version 1809 (KB4549947) 2020-04 Servicing Stack Update for Windows 10 Version 1607 and Windows Server 2016 (KB4550994) 2020-04 Servicing Stack Update for Windows 10 Version 1903 and Windows Server, version 1903 (KB4552152) 2020-04 Servicing Stack Update for Windows 10 Version 1909 and Windows Server, version 1909 (KB4552152) 2020-04
[Blog] Business Continuity Planning with ServiceDesk Plus
Business Continuity Plan refers to instructions or procedures that help you to operate the business without causing any impact to your customers during a disaster. The disaster can be natural or man-made. Unlike Disaster recovery, BCP ensures the continuity of the entire organization. BCP ensures that all the entities(asset, resources, people, location) in the business are available to provide the service to the end customers. A recent study says that less than 5% SMB have a BCP in place and this
ServiceDesk Plus MSP - version 10.5 - Build - 10502 Released
Dear User(s) We released ServiceDesk Plus MSP - version 10.5 - Build - 10502. Please refer to the Migration path table available here and upgrade to our latest build 10502. Issues Fixed SDPMSP-12599 : Unable to add/update a Technician when more than 300 sites/ groups associated to the technician. SDPMSP-13838 : Prototype pollution vulnerability. SDPMSP-14060 : Xero OAuth 1.0 deprecation is handled. Note: Existing users must reconfigure all Xero integration settings with OAuth 2.0 after this upgrade.
[ForYourInformation -34] ESM ticket movement simplified
Now ESM customers can move tickets between instances, this feature is available from 11110 and post builds of ServiceDesk Plus. Yes, just in a couple of clicks the tickets will be moved from one instance to another instance spontaneously. In any IT Service Desk environment, for a new user to choose the right template and submit a ticket will be quite challenging. At times they tend to submit tickets in an inappropriate queue or an incorrect ServiceDesk Plus instance. When days pass by the ticket
[Blog] 8 safety recommendations for working from home "WFH"
The coronavirus pandemic has forced most employees to remain at home in most parts of the world and pushed into a novel territory "work from home" (WFH). This certainly allures the intruders to explore the possibilities to gain access to sensitive data which could be crucial to your organization and cybercrimes will increase at this time. Here are some tips to shun cyber attacks, 1. Educate employees with basic security knowledge. Say, how to beware of phishing emails,
Firefox 75 and Firefox ESR 68.7 fix high severity vulnerabilities
Firefox rolled out the latest stable version Firefox 75.0 and its corresponding ESR version Firefox ESR 68.7 to fix a number of vulnerabilities found in their earlier versions. Here's a list of CVEs fixed and their details: CVE ID Severity Vulnerability Description Fixed in CVE-2020-6828 High Preference overwrite via crafted Intent from malicious Android application Firefox ESR 68.7 CVE-2020-6827 High Custom Tabs in Firefox for Android could have the URI spoofed Firefox ESR 68.7 CVE-2020-6821
Firefox 75 and Firefox ESR 68.7 fix high severity vulnerabilities
Firefox rolled out the latest stable version Firefox 75.0 and its corresponding ESR version Firefox ESR 68.7 to fix a number of vulnerabilities found in their earlier versions. Here's a list of CVEs fixed and their details: CVE ID Severity Vulnerability Description Fixed in CVE-2020-6828 High Preference overwrite via crafted Intent from malicious Android application Firefox ESR 68.7 CVE-2020-6827 High Custom Tabs in Firefox for Android could have the URI spoofed Firefox ESR 68.7 CVE-2020-6821
Firefox 75 and Firefox ESR 68.7 fix high severity vulnerabilities
Firefox rolled out the latest stable version Firefox 75.0 and its corresponding ESR version Firefox ESR 68.7 to fix a number of vulnerabilities found in their earlier versions. Here's a list of CVEs fixed and their details: CVE ID Severity Vulnerability Description Fixed in CVE-2020-6828 High Preference overwrite via crafted Intent from malicious Android application Firefox ESR 68.7 CVE-2020-6827 High Custom Tabs in Firefox for Android could have the URI spoofed Firefox ESR 68.7 CVE-2020-6821
[DidYouKnow-39] Automation on approving request using Artificial Intelligence
In every organization, handling approval is a nightmare even though we have a pre-configured approval structure, in certain situations such as if the approver is external to the domain and yet the admin is unable to provide them access to the system then goes through a manual process. This ends up with confusion in approving the request. As a part of handling such scenarios, we have automation in place that helps us to overcome those confusions. We have an AI assistant Zia that helps us in automating
Zoom issued fix for an UNC vulnerability that compromises Windows credentials
Zoom patched a fatal flaw in the Zoom Windows client that allows attackers to use its chat feature to share malicious links that once clicked will leak the Windows network credentials of the victim. Such attacks are possible because Zoom for Windows not only converts normal URLs into a clickable link but also Windows networking Universal Naming Convention (UNC) paths. UNC is used to locate a network resource, such as a file hosted on an attacker-controlled SMB (Server Message Block) server. When
Mozilla fixes 2 wildly exploited zero-day vulnerabilities in Firefox
Mozilla has released fixes for 2 zero-day vulnerabilities in Firefox. The fixes are available in the newly released version of the browser, Firefox 74.0.1.The updated version fixes the vulnerabilities CVE-2020-6819 and CVE-2020-6820 Vulnerability and impact Both CVE-2020-6819 and CVE-2020-6820 are use-after-free vulnerabilities and occur due to improper memory space management by Firefox. These bugs when exploited allow the hacker to write codes into Firefox's memory and have it executed in the
Mozilla fixes 2 wildly exploited zero-day vulnerabilities in Firefox
Mozilla has released fixes for 2 zero-day vulnerabilities in Firefox. The fixes are available in the newly released version of the browser, Firefox 74.0.1.The updated version fixes the vulnerabilities CVE-2020-6819 and CVE-2020-6820 Vulnerability and impact Both CVE-2020-6819 and CVE-2020-6820 are use-after-free vulnerabilities and occur due to improper memory space management by Firefox. These bugs when exploited allow the hacker to write codes into Firefox's memory and have it executed in the
Mozilla fixes 2 wildly exploited zero-day vulnerabilities in Firefox
Mozilla has released fixes for 2 zero-day vulnerabilities in Firefox. The fixes are available in the newly released version of the browser, Firefox 74.0.1.The updated version fixes the vulnerabilities CVE-2020-6819 and CVE-2020-6820 Vulnerability and impact Both CVE-2020-6819 and CVE-2020-6820 are use-after-free vulnerabilities and occur due to improper memory space management by Firefox. These bugs when exploited allow the hacker to write codes into Firefox's memory and have it executed in the
Launching Intune Application Management in Patch Connect Plus
Hello folks, We are happy to announce that Patch Connect Plus now features Intune Application Management. You can seamlessly create and deploy third party applications in Microsoft Intune, in a hassle-free manner. With Intune Application Management, you can Create third party applications in Mocrosoft Intune. Leverage the cloud platform to deploy third party applications. Use pre-defined application templates to ease the process of creating applications. Customize deployment using pre/post deployment
Zoom issued fix for an UNC vulnerability that compromises Windows credentials
Zoom patched a fatal flaw in the Zoom Windows client that allows attackers to use its chat feature to share malicious links that once clicked will leak the Windows network credentials of the victim. Such attacks are possible because Zoom for Windows not only converts normal URLs into a clickable link but also Windows networking Universal Naming Convention (UNC) paths. UNC is used to locate a network resource, such as a file hosted on an attacker-controlled SMB (Server Message Block) server. When
Zoom issued fix for an UNC vulnerability that compromises Windows credentials
Zoom patched a fatal flaw in the Zoom Windows client that allows attackers to use its chat feature to share malicious links that once clicked will leak the Windows network credentials of the victim. Such attacks are possible because Zoom for Windows not only converts normal URLs into a clickable link but also Windows networking Universal Naming Convention (UNC) paths. UNC is used to locate a network resource, such as a file hosted on an attacker-controlled SMB (Server Message Block) server. When
PAM360 new build 4101
Hi, PAM360 4101 has been released and is now available for download. This build comes with an enhancement to the already existing password access control workflow. It is now possible for administrators to provide Just in Time (JIT) privilege elevation to user accounts in local groups of Windows resources. Please see our Release Notes to learn in detail about the same. How to Upgrade to Build 4101? If you are an existing customer of PAM360, download the upgrade pack from the following page: https://www.manageengine.com/privileged-access-management/upgradepack.html
[Community Digest] ServiceDesk Plus - March 2020
Every month is an opportunity to learn or discover something new with this quote, let's see the top activities that happened in are ServiceDesk Plus community for the month of March. Version and Build releases: We had 4 builds released, 11106, 11107, 11108 and 11109 Release Note on "11107" build - https://pitstop.manageengine.com/portal/community/topic/servicedesk-plus-11107-released Reason for revoke of "11108" build - https://pitstop.manageengine.com/portal/community/topic/important-notice-for-users-migrating-to-11108
Google Chrome releases Stable Channel Update
Hello guys, Google Chrome has updated its stable channel to 80.0.3987.162 for Windows, Mac, and Linux systems. This update also includes 8 security fixes. Below are the fixes that require immediate attention CVE ID Severity Vulnerability CVE-2020-6450 High Use after free in WebAudio CVE-2020-6451 High Use after free in WebAudio CVE-2020-6452 High Heap buffer overflow in media Initiate a sync between the Vulnerability Manager Plus server and the Central Vulnerability database
Google Chrome releases Stable Channel Update
Hello guys, Google Chrome has updated its stable channel to 80.0.3987.162 for Windows, Mac, and Linux systems. This update also includes 8 security fixes. Below are the fixes that require immediate attention CVE ID Severity Vulnerability CVE-2020-6450 High Use after free in WebAudio CVE-2020-6451 High Use after free in WebAudio CVE-2020-6452 High Heap buffer overflow in media Initiate a sync between the Desktop Central server and the Central Vulnerability database and search
Google Chrome releases Stable Channel Update
Hello guys, Google Chrome has updated its stable channel to 80.0.3987.162 for Windows, Mac, and Linux systems. This update also includes 8 security fixes. Below are the fixes that require immediate attention CVE ID Severity Vulnerability CVE-2020-6450 High Use after free in WebAudio CVE-2020-6451 High Use after free in WebAudio CVE-2020-6452 High Heap buffer overflow in media Initiate a sync between the Patch Manager Plus server and the Central Vulnerability database and search
[Blog] Transforming User Experience
Visuals give us a better understanding of not just the content, but what is behind the content — easier, faster, and clearer than just a cluster of written words. Why User experience matters for an Enterprise Software? The success of any application depends on how usable is the product to the user and how easy it is for your user to interact with. Let us take a look on how ServiceDesk plus interface provides an updated look and usability improvements. Themes for Requester Self-Service Portal:
[Tips & Tricks] How to find OID's for new devices ?
What is an OID? Object Identifier (OID) is the unique id provided by the manufacturer to identify the device/system information. Each device's information would have a unique OID. Here we are going to discuss the 2 easy ways to find OID information, 1. Get a MIB file from the Manufacturer 2. SNMP walk using a MIB browser 2.1. Using Inbuilt MIB browser in SDP 2.2. Using External MIB browser Get a
[DidYouKnow-34] Easy Resource Management
Technology helps in completing work more efficiently, faster and with great flexibility. Do you know that ServiceDesk Plus helps you in managing your daily work more conveniently? ServiceDesk Plus allows creating multiple tasks under a single request and this can be assigned to different technicians. Every day, as an admin, you are supposed to manage all these tasks. Most of the requests may contain more number of tasks and it becomes tedious to manage all these tasks in one go. So here comes the Resource
Mobile Device Manager Plus- Free Training
Join us on 14th, 21st and 28th April 2020 at 6:30 GMT or 11:30 EDT for a free training session on ManageEngine's enterprise mobility management solution - Mobile Device Manager Plus! Following topics will be covered on April 14: Device Onboarding and Provisioning: Enrollment methods to manage BYOD and corporate devices Applying corporate configurations like VPN, e-mail and Wi-Fi to devices Containerizing corporate data on personally-owned devices Monitoring devices accessing organization's corporate
[DidYouKnow-33] Initiate a quick chat from request collaboration
As you all may know, the Request collaboration feature was released with the build 9220 to overcome various hassles. Few are listed below, When multiple Technicians work on the same request in parallel, the changes(s) made by each of them are not known to one another. Such as, #The same request might be assigned to different technicians #Multiple responses might be sent for the same request by different technicians #Modifications made on a request and so on. As an enhancement to the request collaboration,
[ForYourInformation -32] Automation to delete workstation/server or move to Disposed/Expired state
In ServiceDesk Plus you can manage all your IT and Non-IT assets, the tool can also handle, software asset management, software metering, software compliance, multiple methods of scanning assets(which includes automatic scan), barcode scans and much more.. click here to more details. Usage of any application over a period of time will have a proportional increase in data and content, which can cause a lag in the application performance. Clearing out unnecessary content ( like assets) is essential
Remote Access Plus for remote work
Due to the recent outbreak of COVID-19, most global enterprises are adopting work from home policies. Organizations may extend their remote work operations well into the future to keep their employees safe. This is the new normal for IT administrators, who now have to work around the clock to monitor all of their enterprise’s endpoints remotely. The go-to solution for IT technicians is ManageEngine Remote Access Plus, which can help you adapt to remote work culture. Benefits of having this remote
WFH Essentials for managing and securing remote workforce
As most of the organizations are now forced to adopt Remote Work culture, managing and securing endpoints can be an amplified challenge. To help you ensure business continuity as your organization transitions to remote work our ManageEngine seasoned experts will be offering a 3-week webinar series to help you navigate through all the endpoint management and security challenges that IT teams are currently facing. By the end of the series, you will have a complete understanding of: All the challenges
Upgrade DataSecurity Plus to build 6013 to fix security issues
Hello All, We have fixed the Remote Code Execution and authentication bypass vulnerabilities reported by Sahil Dhar (xen1thlabs). If your current build is between 6000 and 6012, please upgrade the product immediately to the build 6013 to ensure that DataSecurity Plus continues to run safely and efficiently. To Upgrade: Download Service Pack Apologies for the inconvenience caused. Security is our foremost priority. We will strive to maintain the
[DidYouKnow-32] Pending request count can be considered as an important KPI
The measure of time taken for tickets in Pending Status can be a perfect KPI in an IT Service Desk operations, let see how? In a Helpdesk environment, tickets are handled in 2 different ways. We expect tickets raised by the users to get resolved in the first interaction, in reality, most of them require back and forth conversations, between support tech and the user for various reasons. These ticket needs more attention and will be handled with different tickets status (on-hold, waiting for approval,
All Windows versions compromised due to critical Zero-day vulnerabilities
Hello folks, Two critical zero-day vulnerabilities have been discovered in Windows Adobe Type Manager Library. Both these vulnerabilities are unpatched and allows attackers to take remote control of the systems affected (Remote Code Execution vulnerability). As of now, the attacks are not widespread and only limited targeted systems are hit. Versions affected All versions of the Windows Operating system is susceptible to attacks including Windows version 10, 8.1, 7, and Server 2008, 2012, 2016,
All Windows versions compromised due to critical Zero-day vulnerabilities
Hello folks, Two critical zero-day vulnerabilities have been discovered in Windows Adobe Type Manager Library. Both these vulnerabilities are unpatched and allows attackers to take remote control of the systems affected (Remote Code Execution vulnerability). As of now, the attacks are not widespread and only limited targeted systems are hit. Versions affected All versions of the Windows Operating system is susceptible to attacks including Windows version 10, 8.1, 7, and Server 2008, 2012, 2016,
Opening up ManageEngine's Secure Remote Access Toolkit to the World
Hi All, Due to the rapid outspread of COVID-19, Zoho Corporation (including all three brands: Zoho, ManageEngine, and WebNMS) has decided to switch its entire workforce to a remote work model. Until this global crisis has been brought under control, the majority of our 8,000+ employees residing in over 10 countries will be working from home. We're able to make this shift seamlessly only with the help of our Zoho suite of apps for remote collaboration, as well as the ManageEngine solutions for
Opening up ManageEngine's Secure Remote Access Toolkit to the World
Hi All, Due to the rapid outspread of COVID-19, Zoho Corporation (including all three brands: Zoho, ManageEngine, and WebNMS) has decided to switch its entire workforce to a remote work model. Until this global crisis has been brought under control, the majority of our 8,000+ employees residing in over 10 countries will be working from home. We're able to make this shift seamlessly only with the help of our Zoho suite of apps for remote collaboration, as well as the ManageEngine solutions for
Opening up ManageEngine's Secure Remote Access Toolkit to the World
Hi All, Due to the rapid outspread of COVID-19, Zoho Corporation (including all three brands: Zoho, ManageEngine, and WebNMS) has decided to switch its entire workforce to a remote work model. Until this global crisis has been brought under control, the majority of our 8,000+ employees residing in over 10 countries will be working from home. We're able to make this shift seamlessly only with the help of our Zoho suite of apps for remote collaboration, as well as the ManageEngine solutions for
Opening up ManageEngine's Secure Remote Access Toolkit to the World
Hi All, Due to the rapid outspread of COVID-19, Zoho Corporation (including all three brands: Zoho, ManageEngine, and WebNMS) has decided to switch its entire workforce to a remote work model. Until this global crisis has been brought under control, the majority of our 8,000+ employees residing in over 10 countries will be working from home. We're able to make this shift seamlessly only with the help of our Zoho suite of apps for remote collaboration, as well as the ManageEngine solutions for
Next Page