The Corner View

September 2023 Patch Tuesday. Microsoft released security updates for products that preempt and mitigate critical vulnerabilities that may affect your infrastructure.

A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software for Firepower 4100 Series and Firepower 9300 Security Appliances and of Cisco UCS 6300 Series Fabric Interconnects could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

Multiple vulnerabilities have been discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway). Citrix released an advisory tagged CTX561482

If you have been watching the vulnerability space, you know by now about the MOVEit utility security issues. Just today, the news is breaking that several US government agencies have been affected. We are strongly encouraging everyone to remediate this risk.

Cisco published two alerts for the following products. Please follow the steps to remediate them. For assistance, contact Patrick Boyd, Director of Operations by email, Patrick.Boyd@Cornerstone.IT or by phone at 646-530-8930

October 10th, of 2023, might seem far off but that’s when Microsoft is ending support for Windows Server 2012 and Windows Server 2012 R2.

If you’re still on Windows 10 version 20H2 Enterprise Edition — servicing stops on May 9, 2023. We strongly recommend upgrading eligible devices to Windows 10 or Windows 11. Contact us for assistance

Here’s what Jim Moreo, CEO & Co-Founder thinks about Bain Capital Tech Opportunities’ minority investment in iManage.

On Monday, March 24th, 2023, Microsoft announced that it is enabling a transport-based enforcement system in Exchange Online serving three functions: reporting, throttling, and blocking.

May 30th, 2023, marks the end-of-life (EOL) for Citrix NetScaler firmware 12.1. EOL refers to the termination of support and updates for Citrix NetScaler 12.1. This means that after the May 30th date, Citrix will no longer provide technical support, security updates, or bug fixes for NetScaler 12.1. Users’ Citrix NetScaler devices will no longer receive critical security updates or technical support, leaving their devices vulnerable to potential security threats and software bugs. This can result in reduced system performance, reliability, and compatibility issues with newer software and hardware.

CISA added a zero-day vulnerability affecting Microsoft Outlook that is actively exploited in the wild. Microsoft has released a patch for the vulnerability as part of their March 2023 Patch Tuesday.

CISA identified VMware products to the CVE-2021-39144 vulnerability in its Known Exploited Vulnerabilities (KEV) catalog following confirmation from VMware that this bug is being exploited since December 2022.

A vulnerability been found in Veeam Backup & Replication that enables an unauthenticated user to request encrypted credentials, which can give them access to server hosts used for backup infrastructure.

NEW YORK, NY – January 17, 2023 – This month Cornerstone.IT marks its 20th anniversary of helping midsize law firms stay ahead of the technology curve.

Apply latest patch to mitigate zero-day vulnerability CVE-2022-27518 — A vulnerability has been discovered in Citrix Gateway and Citrix ADC, listed below, that, if exploited, could allow an unauthenticated remote attacker to perform arbitrary code execution on the appliance.

Citrix recently announced NetScaler firmware version 12.1 is going end-of-life (EOL) in May 2023 and NetScaler firmware version 13.0 will reach end-of-maintenance at the same time.