Security News
Enterprise software maker Zoho on Monday issued patches for a critical security vulnerability in Desktop Central and Desktop Central MSP that a remote adversary could exploit to perform unauthorized actions in affected servers. Tracked as CVE-2021-44757, the shortcoming concerns an instance of authentication bypass that "May allow an attacker to read unauthorized data or write an arbitrary zip file on the server," the company noted in an advisory.
Zoho has addressed a new critical severity vulnerability that affects the company's Desktop Central and Desktop Central MSP unified endpoint management solutions. ManageEngine Desktop Central is an endpoint management platform that allows admins to deploy patches and software over the network and troubleshoot them remotely.
Zoho has addressed a new critical severity vulnerability that affects the company's Desktop Central and Desktop Central MSP unified endpoint management solutions. ManageEngine Desktop Central is an endpoint management platform that allows admins to deploy patches and software over the network and troubleshoot them remotely.
Microsoft has released an emergency out-of-band update to address a Windows Server bug leading to Remote Desktop connection and performance issues. Affected platforms include Windows Server 2022, Windows Server 2019, Windows Server 2016, and Windows Server 2012 R2. The updates that address this issue are not available from Windows Update and will not install automatically on affected systems.
Recently released Dell BIOS updates are reportedly causing serious boot problems on multiple laptops and desktop models. Impacted models include Dell Latitude laptops, as well as Dell Inspiron 5680 and Alienware Aurora R8 desktops.
SentinelOne researchers have unearthed a number of privilege escalation vulnerabilities in Eltima SDK, a library used by many cloud desktop and USB sharing services like Amazon Workspaces, NoMachine and Accops to allow users to connect and share local devices over network. The vulnerabilities affect both the cloud services and their end users.
The North Korea-linked ScarCruft advanced persistent threat group has developed a fresh, multiplatform malware family for attacking North Korean defectors, journalists and government organizations involved in Korean Peninsula affairs. ScarCruft specifically controls the malware using a PHP script on a compromised web server, directing the binaries based on HTTP parameters.
Across the country businesses and public agencies alike are holding virtual job fairs and summits and talking about the effects of the virtual workforce. One solution to this hurdle is the virtual desktop, such as Microsoft's Azure Virtual Desktop, which can be an easy way to deploy and manage desktop and application virtualization via a service running in the cloud.
Microsoft has fixed a known Windows 10 issue causing smartcard authentication to fail when trying to connect using Remote Desktop after installing the cumulative updates released during last month's Patch Tuesday. Microsoft has already rolled out a fix to address this issue via the Known Issue Rollback feature to affected Windows 10 devices.
The latest version of the world's most popular Linux distribution, Ubuntu 21.10, codenamed 'Impish Indy', has landed on Canonical's download channels. The 'Server' edition of Ubuntu 21.10 comes with 'needrestart' enabled by default, includes certified NVIDIA GPU drivers, and offers a 'minimal' installation option to accommodate IoT or container installations.