Your company's ad could live here and reach over 50,000 people a month!

Flexera

How to Protect Yourself against Apache Struts2 and Other Known Vulnerabilities

The unfolding of the Equifax breach shows that the attack started around two months after a patch for the Apache Struts2 vulnerability was available. That means the vulnerability could have been eliminated long before the attack. It took Equifax another five weeks to disclose the hack after it was discovered. Company stock plummeted after the breach was announced. The company is not just facing its customers’ wrath, but is also under an FTC investigation. What is Apache Struts 2? Hackers were able to take advantage of CVE-2017-5638 in Struts 2 in order to steal confidential information. Struts 2 is an Apache 2.0 licensed java web framework used to build large-scale web applications. It is commonly used in government, financial, health and large enterprise applications. While Apache Struts ...

Flexera Adds New Capabilities to AdminStudio to Reduce App Risks and Accelerate Deployments

The latest update to AdminStudio Suite includes new capabilities that solve some of the biggest challenges that face end user computing and desktop administrators. Reducing App Risks: Understanding Java Dependencies and Identifying End of Life Versions Employees and customers rely on your systems and services to be available when they need them.  There are currently over 3,000 classes of Java, and dependencies and configurations can cause havoc with packaging your business-critical applications.  And older versions of Java that are no longer supported can open your organization to unnecessary security risks. End user computing and desktop administrators, especially those who package and support third-party applications, have a general disdain for apps that rely on Java. Various apps, espec...

Microsoft Makes Unprecedented Move to Protect Windows XP and Windows Server 2003 against the WannaCry Attack

Sponsored Blog The WannaCry global ransomware attack that started early this month has spread around the world and infected hundreds of companies both big and small. The ransomware exploits the same vulnerability in practically every version of the Windows operating system. It leverages the EternalBlue Windows exploit that came out of an NSA leak last month and was released on WikiLeaks, highlighting a critical software vulnerability in the Windows Server Message Block (SMB). Microsoft released a patch (MS17-010) for its supported operating systems on March 14, and, more than 60 days later, organizations that did not patch their Windows systems scrambled to do so. If you have applied the patch for the Windows SMB vulnerability, then you have nothing to worry about. If you haven’t, you’re s...

Microsoft Retires Security Bulletins–Does That Mean More Time for Patch Management?

Sponsored Blog Last November, Microsoft announced that the Security Bulletins on Patch Tuesday would be discontinued and information about software vulnerabilities found in MS products would be  accessible only on the Security Update Guides portal (SUG). The company followed through on its promise with the April 2017 edition of Patch Tuesday, and the impact of the change has been frustration for some admins. While the portal is searchable by CVE, KB article, product or release date, the change in process has impacted the daily routines of SCCM Patch Management Admins and IT security professionals. Security Bulletins have been around for years, and the predictable and consistent delivery of these bulletins was what many organizations built their processes around. Microsoft’s format changes ...

How Your Role Can Impact Your Organization’s Security Posture

Software vulnerabilities are a root cause of cyber security issues – errors in software that work as entry points for hackers, and are exploited to gain access to corporate IT systems. In 2016, Secunia Research at Flexera Software recorded a total of 17,147 vulnerabilities in over 2,000 products. The breadth of the problem illustrates the challenge faced by IT security teams trying to protect their environment against security breaches without the necessary collaboration of others involved in the management of enterprise software assets. For organizations to stay on top of their environments, IT teams must develop a holistic approach and collaboration among different teams in a concerted effort to reduce the attack surface for hackers. In this webinar we discuss the role asset managers and...