Beginning May 8, 2023, Microsoft will implement a security upgrade within its Microsoft Authenticator application for multifactor authentication (MFA). Current users of "push notifications" within the authenticator app (our recommended method) will move to a number-matching procedure for improved sign-in security.

The rate of technology change is accelerating, along with the number of attack surfaces within a company environment. At no time was the acceleration more evident than during the height of the pandemic. Many companies had to quickly adapt and invest in technology to simply keep operating.

Systems Engineering is aware of the following vulnerability in Microsoft Outlook, Elevation of Privilege Vulnerability CVE-2023-23397. 

Microsoft rates this vulnerability as CRITICAL. 

Systems Engineering is aware of the following vulnerability in FortiGate Firewalls, FortiOS: CVE-2023-25610 / FG-IR-23-001 | FortiOS / FortiProxy - Heap buffer underflow in the administrative interface.

FortiGuard rates this vulnerability as a CRITICAL RISK.

PORTLAND, MAINE, March 2, 2023  — Systems Engineering, Inc., a leading provider of Managed IT and Cybersecurity services in New England, announced Bradford Sprague has been promoted to Director, Sales. Sprague joins the firm’s senior leadership team, assuming greater responsibility for account management and business development functions.

Systems Engineering is aware of the major security flaw affecting Citrix Virtual Apps and Desktops: CVE-2023-24483.

The vulnerability's severity is rated as HIGH.

Please be aware that cybercriminals are actively distributing malicious spam emails containing Microsoft OneNote attachments. The attachments are disguised to look like shipping notifications, shipping documents, invoices, and other common items.