Fix available for unauthenticated blind SQL injection vulnerability issue. Apply the latest service pack.
This is a security advisory for Network Configuration Manager customers using versions 123055 or earlier. We recommend that you upgrade to the latest version of Network Configuration Manager, 123057, to fix the security vulnerability described below. Description: Network Configuration Manager contained a vulnerability through which it was possible to upload files using an unauthenticated servlet. This was identified and disclosed by Digital Defense, a provider of security risk assessment solutions.
Fix available for unauthenticated blind SQL injection vulnerability issue. Apply the latest service pack.
This is a security advisory for OpManager customers using versions 123056 or earlier. We recommend that you upgrade to the latest version of OpManager, 123057, to fix the security vulnerability described below. Description: OpManager contained a vulnerability through which it was possible to upload files using an unauthenticated servlet. This was identified and disclosed by Digital Defense, a provider of security risk assessment solutions. For details, please refer to the public disclosure published
Everything you need to know about ransomware
WannaCry. Petya. Locky. These were some of the major ransomware attacks that affected organizations in 2017. Security experts believe we will see more large-scale ransomware attacks in 2018. Worried about ransomware hitting your enterprise? Join us for our webinar to learn: The basics of ransomware. The set of best practices that you can implement right away for mitigating the attack. How our real-time file server auditing solution can detect and shut down ransomware. Date and time: Feb 8th @
Join us for our complimentary US Endpoint Security seminars this March.
With a total of 159,700 cyberattacks, 2017 was a big year in cybersecurity – and 2018 is slated to be even bigger. But, is your enterprise ready? We're going city-to-city to bring you sessions on endpoint management, cyberattack prevention, patch management, asset management, enterprise mobility management, and OS deployment. Hurry up and register right now because we'd hate for you to miss out! Here are reasons why you must be there: Discover the top cybersecurity trends of 2018. Watch demos of
Join us for our complimentary US Endpoint Security seminars this March.
With a total of 159,700 cyberattacks, 2017 was a big year in cybersecurity – and 2018 is slated to be even bigger. But, is your enterprise ready? We're going city-to-city to bring you sessions on endpoint management, cyberattack prevention, patch management, asset management, enterprise mobility management, and OS deployment. Hurry up and register right now because we'd hate for you to miss out! Here are reasons why you must be there: Discover the top cybersecurity trends of 2018. Watch demos of
Join us for our complimentary US endpoint security seminars this March.
With a total of 159,700 cyberattacks, 2017 was a big year in cybersecurity – and 2018 is slated to be even bigger. But, is your enterprise ready? We're going city-to-city to bring you sessions on endpoint management, cyberattack prevention, patch management, asset management, enterprise mobility management, and OS deployment. Hurry up and register right now because we'd hate for you to miss out! Here are reasons why you must be there: Discover the top cybersecurity trends of 2018. Watch demos of
Join us for our US complimentary Endpoint Security seminars this March.
With a total of 159,700 cyberattacks, 2017 was a big year in cybersecurity – and 2018 is slated to be even bigger. But, is your enterprise ready? We're going city-to-city to bring you sessions on endpoint management, cyberattack prevention, patch management, asset management, enterprise mobility management, and OS deployment. Hurry up and register right now because we'd hate for you to miss out! Here are reasons why you must be there: Discover the top cybersecurity trends of 2018. Watch demos of
ServiceDesk Plus 9.4 framework enhancement released
Dear Users We are glad to announce the new version of ServiceDesk Plus - ServiceDesk Plus 9.4 framework enhancement released. This release does not bring any new features. However there are couple of enhancements and behavioural changes that has been introduced. This upgrade removes the jBoss dependency from the framework, reduces security risk with jBoss, increased performance and quicker startup. MYSQL will no longer be our supported database. Users who have used our SCCM plugin has to reconfigure
Hotfix 8105 released
Dear Customers, Today we have released our next hotfix 8105. Customers can download the hotfix from the below link https://www.manageengine.com/products/support-center/service-packs.html Please find the list of features and issues fixed in this release https://supportcenter.wiki.zoho.com/ReadMe-V3.html#8105 Thank You Arun Kumar Manager - Tech Support Direct Number : + 1 408 352 9115 X 7213 US : +1 888 720 9500 | Intl : +1 925 924 9500 Australia : +1 800 631 268 | UK : 0800 028 6590
[Free Webinar] Enterprise single sign-on for 100+ cloud apps
How easy would it be if users could utilize their Active Directory credentials for single sign-on authentication to cloud based applications? Today's enterprises—small, medium, or large— are forced to use a handful of cloud-based applications to meet all their business needs. Employees have to access these applications on a daily basis. The constant search for login URLs, remembering multiple usernames and passwords for different applications can be quite exhausting. This could reflect negatively
Newsletter de Enero
¡Newsletter de enero! Otro maravilloso año estelar para ManageEngine. Actualízate sobre todas las novedades que tenemos este mes y recuerda inscribirte aquí para recibirlos mensualmente en tu buzón de correo.
[Webinar Recording]: In case you missed our latest webinar on Jan 23th, 2018
Here is the recording of the latest Analytics Plus webinar on the topic- "Crack open data silos: Analyze data from databases and third-party applications"
ServiceDesk Plus 9335 Released
Dear Users, SDP 9335 has been released and can be downloaded from the URL below, https://www.manageengine.com/products/service-desk/service-packs.html Issues fixed in 9335: SD-69732 : Technician name is set as empty in Desktop Central when the technician name is edited in ServiceDesk Plus. SD-69971 : In some SSO-enabled environments, blank page appears during login. SD-69958 : Vulnerability fixed. Please refer to the below link for the steps to install the patch. https://www.manageengine.com/products/service-desk/service-packs.html#sp
Fix for Meltdown and Spectre
Hi All Greetings from Desktop Central technical support team. Please use Desktop Central's Patch management to mitigate the vulnerability. Here are the bulletin details from MS. CVE-2017-5753 - Bounds check bypass CVE-2017-5715 - Branch target injection CVE-2017-5754 - Rogue data cache loadFor more read.. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002 How to identify the Meltdown & Spectre using Desktop Central scan? 1. Sync the Patch DB & Scan all Systems. 2. To find
ServiceDesk Plus 9334 Released
Dear Users, SDP 9334 has been released and can be downloaded from the URL below, https://www.manageengine.com/products/service-desk/service-packs.html Issues fixed in 9334: SD-69824 : Agent certificate and jar signed certificates are expired. Msi and jar files needs to be signed with the latest certificates. SD-69626 : Upgrade failure occurs when a CI type which is created later is made the parent type of a CI type created earlier. Issue occurs when both the CI types are mapped to a same product
[Free Webinar] How to mitigate Meltdown and Spectre?
Its been ten days since #Meltdown and #Spectre nightmare. Attend this webinar to know, how you can patch your entire network of systems without BSD, ask questions about Microsoft security updates, the registry key checks, performance impact, and other bios updates.We are also offering few security best practices and mitigation procedures to reduce the threat posed by Meltdown and Spectre. Webinar is on Jan 17, 10:30 am GMT. Register Now Here are some FAQ's on meltdown and spectre.
Top 5 critical alerts you need for IT security (free webinar)
The first step in detecting and responding to security threats is getting to know immediately when events of interest occur. Register for our free webinar "Top five critical alerts you need for IT security" to learn about the events you need to monitor in your network and how a SIEM (security information and event management) solution can alert you for these events to ensure security and compliance. Register Now Date and Time: Jan 17th, 2 PM GMT and 2 PM EST
ManageEngine: Free Webinar - Securing and monitoring file integrity
Monitoring file integrity helps secure your confidential business data against insider threats and cyber attack. In our "Monitoring and Securing Windows file integrity" webinar you will learn how file integrity monitoring can help strengthen security and streamline adherence to compliance requirements in your organization. Register Now for free Jan 16th, 02 PM EST Hosted by Derek Melber, MVP Join us and learn how to Get real-time alerts on unauthorized access to files? Leverage file monitoring,
[Webinar] Crack open data silos: Analyze data from databases and third-party applications
Date: January 23, 2018. (2:30pm AEDT | 10am GMT | 11am PST) Presented by: Daniel Charles, Product specialist, Analytics Plus Agenda: Cracking open data silos and making data available for analysis. The biggest challenge for business executives today isn't about the volume, variety or velocity of data. It's not even about the technology or skill-base needed to analyze the data. It's getting access to data. Does it always have to be so difficult? Not really! Join us for a free webinar and we'll
ManageEngine's GDPR & IT Security Seminar in London - Register Now
Hi, How strong is your cybersecurity strategy? Implementing better cybersecurity tactics and meeting the GDPR mandates can help improve overall security and restrict access to personal data. ManageEngine ADSolutions team invites you to attend the free seminar on "GDPR & Cyber Security" in London. Derek Melber, Active Directory MVP, will unravel the mystery surrounding the GDPR and help you lay out your organization's security roadmap in tune with the new mandate. There will also be sessions that focus
Microsoft Patch Tuesday January 2018 updates
This month’s Microsoft Patch Tuesday security updates address 59 vulnerabilities, out of which 16 are critical threats and 20 can be leveraged by attackers for remote code execution. Microsoft has suspended updates for AMD processors after reports of Blue Screen of Death errors. Some antivirus programs also appear to be incompatible with these updates.
Free training - Network Configuration Manager
Hi there, Want to know how to manage network configurations easily? Interested in automating network configuration management? Well, we have the solution. Join your network peers in the free training on Network Configuration Manager and learn how to keep your network at peak performance from our ITOM experts. We've split the training into two modules so that you can learn the most about NCM: January 23, 2018 | 11.30 AM EST : Configuration backup, Config change management & disaster recovery. Agenda:
[Free Webinar] Tracking insider threats - Register now
The insider poses perhaps the greatest threat to network security, which is why it is imperative for each of us to know about the various ways in which insiders attack and how to setup tracking so that malicious behavior can be detected early. Register for this webinar to learn about: How to reduce and eliminate attacks against Microsoft authentication protocols What to monitor on user workstations How to monitor and reduce privilege escalation attacks Register for free Jan 9th, 02 PM EST & Jan
ServiceDesk Plus 9333 Released
Dear Users, SDP 9333 has been released and can be downloaded from the URL below, https://www.manageengine.com/products/service-desk/service-packs.html Issues fixed in 9333: SD-69633 : Vulnerability fixed. SD-69338 : Migration fails while applying the 9327 patch throwing the following error, "Out Of Memory" which is due to the huge data present in the Notification table. SD-69629 : Issues with marking of filters as "favorites" and in filter order rearrangement in Request custom filter. Breakage occurs
Webinar: How to mitigate the Meltdown and Spectre bugs. (Register Now)
Meltdown and Spectre, two massive hardware bugs that exist in Intel, AMD, and ARM processors that are capable of exposing any sensitive data that is being processed in your countless desktops, laptops, and other devices. Attend this webinar, to know how these bugs exploit sensitive data and mitigate them right away. Agenda: Quick recap of the devastating intel bugs and their impacts. Understanding the difference between Meltdown and Spectre. Methods to mitigate Meltdown and Spectre. Webinar details:
[Free Webinar] Tracking insider threats - Register now
The insider poses perhaps the greatest threat to network security, which is why it is imperative for each of us to know about the various ways in which insiders attack and how to setup tracking so that malicious behavior can be detected early. Register for this webinar to learn about: How to reduce and eliminate attacks against Microsoft authentication protocols What to monitor on user workstations How to monitor and reduce privilege escalation attacks Register for free Jan 9th, 02 PM EST & Jan
Mitigation for Meltdown and Spectre exploit
Introduction to Meltdown and Spectre Meltdown and Spectre are two new hardware bugs that exist in Intel, AMD, and ARM processors and capable of exposing any sensitive data processed by countless computers and devices. Personal data like passwords, photos, emails, and even business-critical documents can be accessed and stolen. Read more. Exploits CVE-2017-5754 (Meltdown) and CVE-2017-5753 and CVE-2017-5715 (Spectre). Mitigation Bulletin ID: MS18-JAN1 ManageEngine patch management team have already
Planned maintenance of our US Data Center
Dear Customers, We had announced in September 2017 about the annual infrastructure maintenance of our US Data Centers in this post. Because of unavoidable reasons, the activity was postponed and we promised to keep you informed on the future dates. Planned Maintenance of our US Data Centers is scheduled from 17th December, 2017 to 31st December 2017. During this upgrade process, ServiceDesk Plus OnDemand will continue to be operational and we do not anticipate any major interruptions in using our
Security Update - ManageEngine Desktop Central
Dear Users, Wishing everyone a happy and productive New Year. Quick security update on password encryption violation in Desktop Central and MSP products. Any user who can access the Desktop Central Server computer can acquire specific passwords in Desktop Central has been handled and released in build 100157. #securityupdate-dc For more details, Desktop Central https://www.manageengine.com/products/desktop-central/password-encryption-policy-violation.html Desktop Central MSP https://www.manageengine.com/desktop-management-msp/password-encryption-policy-violation.html
ServiceDesk Plus 9332 Released
Dear Users, SDP 9332 has been released and can be downloaded from the URL below, https://www.manageengine.com/products/service-desk/service-packs.html Issues Fixed in 9332: SD-69627 : Request custom filters and advanced search are not working. Please refer to the below link for the steps to install the patch. https://www.manageengine.com/products/service-desk/service-packs.html#sp Regards, Edwin Vasantha Kumar Servicedesk Plus Team
Register now for Applications Manager's free training series!
Hello IT folks! Mark your calendars for Applications Manager's free four-day training program on Jan 24th, Jan 31st, Feb 7th, and Feb 14th, 2018. With our industry experts, let us together help each other understand the nuances of Applications Performance Monitoring with Applications Manager. Distributed across four days, split into agendas covering every critical aspect in complete detail, this training will enrich your IT teams already working with Applications Manager as well as other employees
Pre-Installed Keeper Password Manager on Windows 10 exposes systems to passwords stealing
Problem: There's a good reason why security analysts get nervous about bundled third-party software: it can introduce vulnerabilities that the companies can't control. Google researcher Tavis Ormandy discovered that a Windows 10 image came bundled with a third-party password manager, Keeper, which came with a glaring browser plugin flaw -- a malicious website could steal passwords. Solution: It is recommended to disable Content Delivery Manager (for PreInstalledApps enabled) using Desktop Central's
Gear up for the Festive season
We wish all our users experience the most exuberant times with your near and dear ones on this joyous festive season. We look forward to working with you all in 2018. Wishing you all a very Happy festive season!
ServiceDesk Plus iOS App 4.4 Released
Dear User, ServiceDesk Plus iOS app 4.4 has been Released. Please find the App store link below, https://itunes.apple.com/in/app/servicedesk-plus/id460035266?mt=8 Features included in 4.4 are: 1. Support for Asset module (from server build 9330). • View and search assets. • Fetch asset details by scanning a barcode. • Scan multiple barcodes and add them as new assets. • Web RDP. 2. Broken navigation bar-buttons on the resolution, work log and notes screens have been fixed. 3.
ServiceDesk Plus 9331 Released
Dear Users, SDP 9331 has been released and can be downloaded from the URL below, https://www.manageengine.com/products/service-desk/service-packs.html Behavior Changes in 9331 Group Filter in request list view filter will be removed by default. You can enable the groups again in the request list view filter by accessing admin>>self service portal settings>>Show groups in request list view filter. V3 API: The parameter name 'input_data' must be in lower case. V3 API: Technician key is deprecated as
Webinar: Preparing for the GDPR with privileged access management
Hi All, With 11 chapters, 99 articles, and 300 pages of text, the European Union's General Data Protection Regulation (GDPR) is undoubtedly one of the most complex regulations of recent times. IT teams, security analysts, CIOs/CTOs, and even C-level executives are finding it difficult to decode the GDPR's technical terms and devise a plan of action. Like it or not, any company that handles EU consumers' personal data needs to be GDPR-compliant on or before May 25, 2018. And the GDPR isn't just another
RecoveryManager Plus Rolls out Build 5320
Hello, Everyone! We are glad to release the latest version of RecoveryManager Plus build 5320 which comes with the ability to backup and restore Windows file servers. New features: Windows file server backup & restoration: Backup and restore Windows file servers. Bare metal restoration: Restore your Windows servers from scratch. File/folderFile/folder/volume restorations: Perform file, folder, and volume level restorations of your Windows servers (file servers and DCs). Virtual environment File/folder
Script Master 20 : Auto share request to users specified on a request field
Hey Guys, We are sorry for not posting a script for a while. Here comes our next script on our series, https://resources.manageengine.com/resources/resource/auto-share-requests-to-users-specified-on-a-field
Top ADAudit Plus features of 2017
Over the past year, the ADAudit Plus team has been hard at work adding new features, enhancing existing ones and fixing issues; with the sole motive of improving user experience. Watch this video to learn about the top ADAudit Plus features of 2017, which help- Meet security and compliance needs across on-premise/Azure/hybrid AD environments with the newly added Azure AD auditing. Monitor user productivity using the ‘User Attendance’ report. Get complete visibility across EMC storage with the newly
Community : Tips for better utilization
Season's greetings from all of us at ServiceDesk Plus support. We are happy to see that the transition to the new community portal was smooth for most of our customers. Or, did you face any issues? We'd be happy to hear from you. Here are a few tips that will help you use this space better: 1.If you are a paid customer and want to log a request with us, please head to support.servicedeskplus.com 2.If you are a free user, please post your queries on the community page; one of our community coordinators
Next Page