888.624.6737

syse-blog-header

SECURITY ALERT: VMware Tools local privilege escalation vulnerability

August 26, 2022

On Tuesday, August 23, an advisory notification was released by VMware, the virtualization technology software firm, announcing a local privilege escalation vulnerability (CVE-2022-31676). Updates are available to remediate this vulnerability in affected VMware products.

Read More »

Security Bulletins & Alerts

SECURITY BULLETIN: Mitel MiConnect VOIP Zero-Day Vulnerability

June 28, 2022

Several cybersecurity research groups have identified and studied the use of a Zero-Day vulnerability found in the Mitel VoIP MiConnect solution, CVE-2022-29499. The vulnerability exists due to improper input validation in the Mitel Service Appliance. A cyberattacker can send a specially crafted HTTP GET request to the application and execute arbitrary Operating System commands on the target system. Successful exploitation of this flaw may result in the complete compromise of the vulnerable system. This vulnerability has been successfully exploited by at least one ransomware group.

Read More »

Security Bulletins & Alerts

SECURITY ALERT: log4j-CVE-2021-44228

December 21, 2021

UPDATE: December 21, 2021- We have identified the products Systems Engineering sells and supports that are impacted by the log4j vulnerability. Affected products are listed below along with our plans to address each.

Read More »

Security Bulletins & Alerts

SECURITY ALERT: November 2021 Exchange Server Security Updates

November 11, 2021

The November 2021 Microsoft Patch Tuesday updates were released on November, 9th. The full release covered 55 security updates and vulnerabilities found in Exchange Servers 2013, 2016, 2019. Included in this release is a patch that covers an actively exploited zero-day vulnerability classified as CVE-2021-42321 - Microsoft Exchange Server Remote Code Execution Vulnerability. This one vulnerability only affects on-premises and hybrid Exchange servers 2016, and 2019. 

Read More »

Security Bulletins & Alerts

SECURITY ALERT: MS Exchange Server Remote Code Execution Vulnerability

July 15, 2021

The July 2021 Microsoft Patch Tuesday updates were released on July 13. One of those patches addressed a publicly disclosed but unexploited, zero-day vulnerability classified as CVE-2021-34473 - Microsoft Exchange Server Remote Code Execution Vulnerability. This vulnerability affects on-premises Exchange servers 2013, 2016, and 2019, and was assigned a severity of critical.

Read More »

Security Bulletins & Alerts

SECURITY BULLETIN: Kaseya VSA Security Incident

July 08, 2021

UPDATE: July 27, 2021

In a Friday, July 23, 2021 announcement, the Kaseya Incident Response team reported no reports or issues with their remediation efforts for customers impacted by the July 2nd localized ransomware attack against their VSA on-premises product. Due to this positive report, Systems Engineering has resumed the use of the two unaffected Kaseya modules we were monitoring as a result of the original VSA attack.

Read More »

Security Bulletins & Alerts

SECURITY ALERT: Windows Print Spooler Vulnerability - PrintNightmare

July 01, 2021

UPDATE: July 7, 2021

As of July 6th, Microsoft has completed investigations and released security updates (patches) to address the Windows Print Spooler vulnerability. Systems Engineering recommends patching your workstations and servers to address this and any future vulnerabilities. Our clients who

Read More »

Security Bulletins & Alerts