How Unpatched Software Affects Your Business
In this article, we will discuss how unpatched third-party applications can hurt your business and what you can do to mitigate the risks.
Scappman is Now Exclusively for Partners!
If you are a new direct customer, please explore Patch My PC for your software management needs.
In this article, we will discuss how unpatched third-party applications can hurt your business and what you can do to mitigate the risks.
It sounds so simple: always install the latest updates on all operating systems and third-party applications over the entire IT infrastructure. So why is keeping OSs& software up to date one of the most common weak points in companies? Unfortunately, for many IT admins, manual patching has turned into an endless ever-growing task and missing one application update can create a large security hole that affects the entire organization. According to a recent study by the Ponemon Institute, nearly 60% of companies don’t patch their systems on a regular basis. These security holes in your IT system can result in a loss of critical data, violate privacy policies, and eventually lead to security breaches. Just think of all the times when you or your employees postpone the update notifications on their devices. These notifications are important updates that keep your business’s information safe. Ignoring these updates leaves your business vulnerable to data breaches and other security breaches. CVEs in OSs and third-party applications are always being discovered. For example, more than 50 CVEs a day were discovered in 2021. In response software vendors regularly issue patches to cover the security gaps. But patching matters not only for security reasons but also, to increase stability, add new features, change UI, and fix bugs. To know more about patches read our blog “What is Patch Management: stages, best practices, challenges, automated patch management” For all these reasons, patching remains the single most important thing you can do to secure technology in your organization and is why applying patches is often described as the basics. But still, implementation of proper patch management for most companies is easier said than done. We highlighted the top 5 reasons why companies do not patch. Top 5 reasons why companies don’t patch their software Patching can break everything. The most common reason is that there’s a real fear that the solution could become the problem. In some cases, a patch can break something vital in an unpredicted manner. This can be explained by the big number of patches that you have to deploy. Patching takes time. Patching is repetitive, unrewarding task – IT professionals have to regularly check for updates and then install them, which can be a drain on resources. Ideally, they must test the patches before rolling them out fully – which can help uncover any problems they may cause, but which also takes more time and money. Furthermore, some patches can be more difficult to install than others. This can cause delays in getting the updates installed, which can impact business operations. You can only patch something if you know it exists. As it’s hard to maintain accurate, up-to-date asset inventories across big IT systems, many organizations don’t have a clear overview of applications installed, endpoints and other assets. Consequently, if you don’t know which applications you have installed on which devices, you don’t know what to patch. Too many patches to keep up with. Even if companies are able to manage OS updates, third-party application vulnerabilities are often overlooked, leaving endpoints at risk. To illustrate this challenge, we always use this example. Google Chrome releases a full OS update once a week. To package and test the update, an IT specialist spends 3-8 hours. Thus, only for patching Google Chrome, an IT specialist must spend an enormous amount of time, going through the patching cycle 3-4 times a month. An average company uses 110 applications, which means you have to monitor 110 applications for updates. It’s not hard to see how the number of outstanding patches can quickly overwhelm an already busy IT department. End user resistance. Who can relate: you have received an update notification and clicked the “remind me later”? Users just want to get their work done and rarely consider security during their day-to-day operations. The last thing they want is to spend time waiting for the update to be installed or be forced to reboot the laptop. What they do is:“I’ll do it later,” or “it’s probably not important” *click Postpone*. This seemingly innocent event can have serious consequences for the entire business. None of the reasons above (the excuses, we would say) is the actual reasons, that allow you not to patch as much you can. The only solution is automated patch management. Experts say patch automation is critical for easing operational burdens on IT staff and minimizing errors. According to the Ponemon Institute survey (2019), only 44% of organizations used automated solutions for patch management. Automated patch management solutions can help organizations keep track of all of the patches that need to be applied, and they can automate the process of deploying patches and updates. That’s why Scappman should be implemented into patch management in your company. Scappman is a 100%-cloud solution that automatically installs all the necessary updates for your applications. Scappman automates the whole process of uploading the application and updating it in the Microsoft Intune environment. There are more than 800 third-party applications in Scappman App Store, that are always up to date and secure to use. We’ll make sure that hackers can’t use vulnerabilities in outdated applications to steal or encrypt your data. To know more about Scappman and automated third-party patch management book a demo with our team.
If you still haven’t heard of the discovered Apache Log4j vulnerability, you are at big risk now – MUST-READ! Last Tuesday, on December 9, 2021, a high-level vulnerability that affects the core function of Log4j – CVE-2021-44228, aka Log4Shell or LogJam, was discovered by the Alibaba Cloud Security Team. Since then, the number of attacks exploiting the flaw has exceeded one million. What is Log4j and why its vulnerability can affect the security of your data? Log4j is an open-source Apache logging library that is commonly used in many applications to keep track of user activity within an application. A lot of Java-based applications and cloud services use Log4j logging library, like Apple iCloud, Amazon, Cisco, Cloudflare, Red Hat, Steam, Twitter. And now all these services are vulnerable. The discovered vulnerability – Log4Shell – gives attackers the ability to run remote code execution (RCE) on vulnerable applications, which basically means that they can perform ANY action with your data with no authentication: the data can be stolen, deleted, encrypted, or hold for ransom! According to the CVSS scale, Log4Shell is rated with a score of 10 out of 10. It’s been already thousands of confirmed attacks on companies’ data using CVE-2021-44228, which is not a surprise. What makes Log4shell especially dangerous is that Log4j library is used by millions of application vendors and the ease of attack executions with this vulnerability. So, experts expect even more attacks in the coming weeks. Patching is the only option! But the main question is – what can companies do to prevent the vulnerability of their data? Patching and keeping your applications up to date! Patching a single application isn’t that difficult, but each application must be tested to be sure that the updated app works properly. While patching applications is extremely time-consuming, it’s a top priority for all organizations to keep their data secure. How Scappman can help to protect data in your company? If you still haven’t heard of Scappman – now it’s the time! Scappman is a must to prevent damage from Log4j vulnerability because we update third-party and private apps for you, so you can be sure that the latest versions of apps are installed on every computer and your data is secure. No need to spend days patching a single application! P.S. A non-exhaustive list of vulnerable software you can find here: https://github.com/NCSC-NL/log4shell/tree/main/software
A day zero-bug or zero-day attack, as defined by Hewlett Packard, “occurs when a vulnerability is being exploited before the vulnerable software vendor has knowledge of the vulnerability and develops a patch.” Zero-day attacks are dangerous because malicious hackers can use them to exploit vulnerabilities before patches are even available. So the meaning of a zero-day bug is pretty straightforward; it’s the same as when you ask a company when they want a project finished, and they say, “Yesterday.” Yesterday was the day everything was alright. Contrastingly, today is not. You have less than a day or zero days to fix the bug or have the vendors create a patch. The difference between a zero-day vulnerability, a zero-day exploit, a zero-day attack and a zero-day virus A zero-day vulnerability is a programming vulnerability discovered by hackers upon vendor deployment. There’s no software patch available for zero hour exposure, enabling any assault to proceed. So a zero-day is the opposite of a known vulnerability, which is a known vulnerability, with a published patch. A zero-day exploit is an action taken by hackers to obtain access to a system containing an unexpected vulnerable flaw. A zero-day attack is an attack that uses a zero-day exploit or attacks the system with a zero-day vulnerability. A zero-day virus is a technical term for computer malware created, not yet discovered. It’s all in the patches Patching and updating are crucial aspects of removing vulnerabilities. The increase in cyberattacks during the pandemic has been phenomenal. Some reports state a rise of 600%, with a noticeable increase in attacks targeting mobile devices. But 9 out of 10 times, if you’re in this industry or market, you’ll probably already know this. With working from home and BYOD policies, it’s becoming an even bigger issue. The reason is straightforward; it’s an open door for hackers. Even when company policies and VPNs are in place, it’s still tricky for IT managers to keep hackers out of their systems. That’s why Microsoft Endpoint Manager and Microsoft Intune are necessary software in every enterprise currently working in a Microsoft ecosystem. And if you really want to be secure, it’ll be even better to include Scappman as an add-on. Scappman is a 100% cloud solution that automatically installs your applications and keeps them up-to-date, saving hours of IT team time. So now you know the difference between attacks, exploits, etc. Remember: It’s better to be safe than sorry.
Given the number of cyberattacks facing companies these days, fixing vulnerabilities has become one of the biggest challenges. According to the US-CERT Vulnerability database, 18376 new security vulnerabilities were detected in 2021, which surpasses the 2020 record of 18351. But more than half of them (57%) could have been prevented by being identified and fixed on time. Another example to support the importance of the problem is that only 16% of executives are prepared to deal with cyber threats. Thus, identifying, assessing, and remediating new endpoint vulnerabilities is crucial in implementing a successful security strategy. Microsoft Threat and Vulnerability Management (TVM) helps organizations with these. It discovers the vulnerabilities that exist on the onboarded endpoints, and errors in the configuration in real-time with sensors and gives recommendations that you can follow to secure your endpoints. In this blog, we will cover TVM’s functionality and how it helps you increase the security of your IT system by identifying vulnerable applications and software. What is Microsoft TVM? Microsoft TVM is one of the security pillars of Microsoft Defender for Endpoint, which aims to identify vulnerabilities and misconfigurations in real-time and prioritize them based on the threat landscape. It is cloud-powered and fully integrated with Microsoft endpoint security stack, the Microsoft Intelligent Security Graph, and the application analytics knowledge base. Microsoft TVM is a game changer – it helps bridge the gap between security operations, Security Administration, and ID administration. Real-time discovery. Vulnerabilities discovery is the first step in TVM. Microsoft Defender for Endpoint constantly collects and transmits all the information about the endpoint (OS, the installed applications and behavior of the device) to the cloud using the built-in sensors in Windows 10/11. Real-time discovery functionality means: Real-time device inventory – Devices onboarded to Defender for Endpoint automatically report and push vulnerability and security configuration data to the dashboard. Visibility into software and vulnerabilities – Optics into the organization’s software inventory, and software changes like installations, uninstalls, and patches. Newly discovered vulnerabilities are reported with actionable mitigation recommendations for 1st and 3rd party applications. Application runtime context – Visibility on application usage patterns for better prioritization and decision-making. Configuration posture – Visibility into organizational security configuration or misconfigurations. Issues are reported on the dashboard with actionable security recommendations. 2. Intelligence-driven prioritization. TVM provides insights that help users to prioritize security tasks and focus on the most urgent ones. Furthermore, users receive security recommendations based on the dynamic threat and business context: Emerging attacks in the wild – Microsoft threat intelligence determines emerging threats around the world. Based on this data, it prioritizes the security recommendations to focus on currently exploited vulnerabilities with the highest risk. Pinpointing active breaches – Microsoft Defender for Endpoint knows what attacks are currently happening in your organization. TVM processes this data in order to prioritize security recommendations. Protecting high-value assets – as it is a Microsoft solution, there is a deep integration with Microsoft Information Protection, that enables identifying of confidential data or business-critical applications. 3. Seamless remediation involves security and IT administrators. The security admins track and manage vulnerabilities, while the IT admins are responsible for patching. TVM Components Threat & Vulnerability Management Dashboard: gives a high-level view on the security of the organization, including the exposure score, Microsoft Secure Score, and device exposure distribution. To access the TVM dashboard go to security.microsoft.com. On the pane go to Endpoints -> Vulnerability management -> Dashboard. Exposure score is a metric that reflects the overall exposure of the endpoints across the organization. The lower the score the better. The exposure score is broken down into levels: 0–29: low exposure score. 30–69: medium exposure score. 70–100: high exposure score. There are many factors that have an impact on the exposure score, such as the number of weaknesses discovered on your devices, the likelihood of a device getting breached, and the value of the device to the organization. On the exposure score pane, you can see the dynamic of the score, which is changing all the time due to newly released CVE’s and taken actions. Microsoft Secure Score reflects the collective security configuration state of the endpoints across 6 categories: Application Operating system Network Accounts Security controls Device exposure distribution The higher the score, the more your endpoints are protected against cyber threats. Microsoft Secure Score is calculated based on the configuration discovery assessment on all endpoints of the organization which is compared to benchmarks maintained by Microsoft – recommended configurations from applications vendors and internal research team in Microsoft. The dashboard also provides configuration score trend over time, so you can track how the score evolves over time. Device exposure distribution demonstrates how many devices are exposed based on their exposure level. Selecting a section in the doughnut chart you can see the list of devices affected, their exposure and risk level, domain, OS platform, Windows version, health state, when it was last updated and tag. Recommendations Threats and vulnerabilities identified in your company are mapped to security recommendations and prioritized by their impact. Following prioritized security recommendations, you can reduce your exposure score and increase your configuration score. Every device is scored based on 3 factors in order to help users to focus on the right things at the right time: Threat: characteristics of the attack happening with the particular vulnerability. Breach likelihood: your company’s security posture and resilience against vulnerability. Business value: impact on the company’s assets and processes. To access Security Recommendations, go to Vulnerability management -> Recommendations. Security recommendations details Let’s take a closer look at one of the recommendations (Update Microsoft Windows 10 (OS and built-in applications). After clicking on the recommendation, you’ll see the details of the recommendation, including: A description of the security recommendation Number of exposed devices and list of all endpoints Impact on exposure and secure scores List of vulnerabilities associated with the recommendation breakdown of CVEs based on the impact (critical, high, medium, low) Description of CVE Related threats Exposed OS In the security recommendations menu, you also can:
What is vulnerability management? Vulnerability management is the practice of proactively identifying and assessing vulnerabilities within an IT system, a crucial element in executing a cybersecurity strategy. This means that computer systems are potentially a significant risk to the system’s security when vulnerabilities are not addressed. If vulnerability had a slogan, it would be: “better safe than sorry”. Common vulnerability scoring system (CVSS) A nonprofit called “FIRST” is looking to standardize this in a framework called the CVSS or Common vulnerability scoring system. Based on analyzing their data from several CISOs and experts in the security information industry, they have already released their 3rd version of their model. It’s now more focused on timing and environment. You have a base metric group, a temporal metric group, and an environmental group. The cool thing about the guys from “FIRST” is that they have their online calculator to check your vulnerability scores. You can find it here. The range goes from 0.0 to 10.0. Based on the CVSS, the average vulnerability was 7.1 out of 10.0, to give some numbers. Google and Microsoft had the most vulnerabilities, respectively 1123 and 1108. These two make up more than 10% of the total number of vulnerabilities in 2021. If you must think about your own company, you’re 99% working with either of these products. To mitigate these vulnerabilities, vulnerability management is the best way forward. Taking charge and ownership is the way forward. The first step in vulnerability management is detecting the vulnerabilities. Microsoft Defender for Endpoint can be one of those products that can help build a healthy security environment. It discovers vulnerability and misconfigurations in real-time with sensors. It’s the first barrier against ransomware, malware, and hackers. Patch management is a second barrier A patch management policy should be a second barrier. As many as 60% of the data breaches were related to vulnerable software, so software that wasn’t patched. As weekly costs on maintenance rose by 34%, the cost of care surpassed those of the previous year. Lowered reliability due to vulnerabilities’ rectification took up more time during the last years. You can find more about patch management policy here. What are the vulnerability management best practices? A vulnerability management system is needed at any company to effectively manage any risks afflicted by unaddressed flaws in IT systems. Here is the checklist to help you make sure you’ve covered all the basics and are protecting your company IT infrastructure in a responsible way. This inventory should include OS + versions, native and third-party applications used by users in your organisation. With a clear overview of your IT environment, you can make sure you’re patching everything needing to be patched. Microsoft TVM is a good solution to provide you with a full overview of your IT system. To know more about Microsoft TVM, read this blog. 2. Prioritize vulnerabilities Classifying vulnerabilities based on impact and severity is one of the basic steps to remediate risks. Categorizing these vulnerabilities helps businesses to understand and assess the issues. In Microsoft TVM you can see the severity of the vulnerability (Vulnerability Management -> Weaknesses). Read more here. 3. Apply patches as soon as possible, but don’t forget about testing It’s essential to install software updates as soon as they are available, but in the meantime, a bad patch can break other parts of your system. To avoid this – test the patches before you deploy them to the entire system. 4. Scan and audit your IT environment for any vulnerabilities missing regularly The longer these security holes are open, the more likely it is you’ll be attacked. Patch management should be a continuous process with regular and ongoing scanning. 5. Automate the match management process With the right software to manage your patches, like Scappman, you can significantly reduce the amount of work you have to do. This software is much more effective than doing things manually, so it’s worth of investment. Just remember it’s better to be safe than sorry.
A newly discovered zero-day vulnerability in the Spring Framework for Java is definitely drawing the attention of the IT community. With a critically high threat level (the CVSS score is 9.8 out of 10.0), vulnerability CVE-2022-22965, or Spring4Shell, is already being compared to Log4Shell due to the similarity in the method of exploitation. According to the first assessments, Spring4Shell affected over 16% of companies worldwide, with the most impacted region being Europe, with an impact of 20% of businesses. In the first days since the vulnerability was detected, more than 37 K attempts to exploit this vulnerability were confirmed. What is Spring4Shell? Spring4Shell is a zero-day Remote Code Execution (RCE) vulnerability caused by an error in the mechanism which uses client-provided data to update the properties of an object in the Spring MVC or Spring WebFlux application. The Remote Code Execution (RCE) Vulnerability can be easily exploited by sending a specially crafted HTTP request to a server running the Spring Core Framework. Exploited software and impacted systems As we mentioned in December, the majority of applications are built in Java. When it comes to Spring Framework, half of Java applications use it. Any system using Java Development Kit (JDK) 9.0 or later, especially those using TomCat, and using the Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and earlier versions are vulnerable. 10 software vendors are confirmed to be affected because of Spring4Shell: Blueriq BMC Software Cisco JAMF NetApp PTC SAP SE SolarWinds Spring VMware The vulnerability primarily affects devices with a lot of direct connections. In fact, cybercriminals also take advantage of connections where they can use an executable file. Also, all IoT devices running Java can be affected. This issue can also pose a personal risk because the vulnerability can hit Android or Windows OS smart-home appliances. And even home cameras. How to find vulnerable to Spring4Shell device To find the affected device use Threat and Vulnerability Management functionality of Microsoft Defender for Endpoint. TVM monitors overall security posture of the company’s endpoints and provides real-time insights about detected vulnerabilities. On the Weaknesses page, you can search for the CVE-2022-22965 to find vulnerable devices. Read more about Microsoft TVM here. How to mitigate Spring4Shell The best and only solution to reduce the impact of this threat is to patch it. An update is available for CVE-2022-22965. Administrators should upgrade to versions 5.3.18 or later or 5.2.19 or later. If the patch is applied, no other mitigation is necessary. If you’re unable to patch the CVE-2022-22965 vulnerability, you can implement this set of workarounds published by Spring: Search the @InitBinder annotation globally in the application to see if the dataBinder.setDisallowedFields method is called in the method body. If the introduction of this code snippet is found, add {“class.*”,”Class.*”,”*.class.*”, “*.Class.*”} to the original blacklist. (Note: If this code snippet is used a lot, it needs to be appended in each location.) 2. Add the following global class into the package where the Controller is located. Then recompile and test the project for functionality: import org.springframework.core.annotation.Order; import org.springframework.web.bind.WebDataBinder; import org.springframework.web.bind.annotation.ControllerAdvice; import org.springframework.web.bind.annotation.InitBinder; @ControllerAdvice @Order(10000) public class GlobalControllerAdvice{ @InitBinder public void setAllowedFields(webdataBinder dataBinder){ String[]abd=new string[]{“class.*”,”Class.*”,”*.class.*”,”*.Class.*”}; dataBinder.setDisallowedFields(abd); } } We’re happy to confirm that all the third-party applications in the Scappman App Store are secure, up to date and not vulnerable to CVE-2022-22965.
UPD: CVE-2022-29072 is disputed. A couple of days ago a new vulnerability was discovered by GitHub user Kagancapar in the popular 7-Zip file archiver, which allows gaining administrator privileges on Windows. The vulnerability has not been fixed yet, as the latest version of the application 21.07 has been released on 26/12/2021. A few words about 7-Zip 7-Zip is a free and open-source file archiver with high compression based on bzip2, PPMd, LZMA2, and LZMA algorithms. 7-zip is one of the three most popular file archiving applications, whose popularity is only rivalled by giants WinZIP and WinRAR. In addition to own .7z-format archives, the archive manager also supports other packer formats commonly used under Windows, such as .rar, .zip, .tar, .wim, .xar etc. The file archiver is available for Windows OS; localizations are available for 87 languages. CVE-2022-29072 vulnerability: how it works and whose fault is that 7-Zip vulnerability or CVE-2022-29072 is an active zero-day vulnerability and is characterized as allowing privilege escalation and command execution for Windows when a file with the .7z extension is dragged to the Help > Contents area. In simple terms, someone with access, even limited, to your computer is able to gain high-level control to run their own commands or apps. The problem lies in the 7-zip.chm helper files that are executed via the Windows HTML helper function (hh.exe). So, CVE-2022-29072 is tied to Windows, as it was caused due to interaction of 7-zip with the Windows help application. The vendor hasn’t said much about vulnerability other than refusing to take responsibility for it, meaning that it depends on Microsoft Help in Windows. However, according to Kagancapar, even if you drop the malicious file, this triggers a heap overflow in 7zFM.exe. This means that it’s 7-Zip who should solve the problem. How to mitigate the 7-Zip vulnerability To mitigate CVE-2022-29072, the person who discovered the vulnerability, Kagancapar, recommends deleting the 7-zip.chm file: 1. Open the 7-Zip installation directory or folder on the system. Usually, it’s C:\Program Files\7-Zip or C:\Program Files (x86)\7-Zip. 2. Find the 7-Zip.chm file – this is the help file. 3. Delete this file to remove it from your system. There is a possibility that you get a notification “File Access Denied”. If that is the case, select Continue. If you follow these steps and delete the help file, 7-Zip functionality won’t be reduced, and your endpoint will be secured. 7-Zip CVE-2022-29072 mitigation from Scappman But there is a much simpler and faster solution to mitigate the 7-Zip vulnerability. We are happy to introduce the 7-Zip CVE-2022-29072 mitigation tool from Scappman! All you need to do is find the application in the Scappman App Store, click on Install, customize the installation settings (if you want to), assign it to all or specific users and … that’s it!
Vulnerability management is an important part of any organization’s cybersecurity strategy. It helps to identify, assess, and mitigate risks associated with vulnerabilities in software and hardware. Microsoft has a comprehensive vulnerability management solution that helps companies protect against a variety of threats. Threat & Vulnerability Management (TVM) is a built-in capability in Microsoft Defender that follows a risk-based approach to discover, prioritize, and remediate endpoint vulnerabilities and misconfigurations. Microsoft has been working on improving their vulnerability management system for years now and recently they released a new Vulnerability management solution for a public review. Microsoft Defender Vulnerability Management: overview Microsoft has announced a public review of Microsoft Defender Vulnerability Management service, a single solution that offers the full set of Microsoft’s vulnerability management capabilities to help companies mitigate vulnerabilities more easily. The core version of Vulnerability Management tools was released in 2019 as Threat and Vulnerability Management – a built-in capability in Microsoft Defender Advanced Threat Protection. Since then, Microsoft has been constantly working on the tool to provide even better experience in monitoring, managing and mitigating vulnerabilities. Read more about Microsoft TVM and its functionality in our blog Detecting vulnerable applications with Microsoft Threat and Vulnerability Management. Besides all the existing threat & vulnerability management functionality currently available, a new service will provide asset inventories, smart assessment, and built-in remediation tools for Windows, macOS, Linux, Android, iOS, and network devices. Defender Vulnerability Management service will also include more advanced capabilities: Microsoft Defender Vulnerability Management will be available in public preview as a standalone and as an add-on for Microsoft Defender for Endpoint Plan 2 customers. Companies wanting to try the public previews of Microsoft Defender Vulnerability Management -both as a “standalone” service and as an add-on to Microsoft Defender for Endpoint Plan 2 – must request the free 120-day public preview here. Security baseline assessment With the new release, you will be able to continuously monitor the security posture of your endpoints and measure and compare risk compliance with industry benchmarks – CIS and STIG in real-time. Additional benchmarks will be available soon. To use this functionality, you must create a Baseline profile. Go to Vulnerability management > Baselines assessment. Select the Profiles tab at the top, then select the Create profile button. Enter a name and description for your security baselines profile and select Next. On the Baseline profile scope page set the profile settings such as software, base benchmark (CIS or STIG), and the compliance level and select Next. Finally, select the configurations you want to include in the profile. Browser extension inventory From now on you can monitor web browser extensions installed on your endpoints. Defender Vulnerability Management provides detailed information on the risk level of the installed browser extensions, so you can make informed decisions on managing extensions in the organization’s environment. Digital certificate inventory Digital certificates help provide privacy, security, and authentication to transfer data within your network and over the Internet. Expired certificates could expose vulnerabilities within your company, disrupt service, or cause downtimes. The certificate inventory makes it easy to manage certificates from one place. You can: To view your certificates, go to Vulnerability management > Software inventory and select the Certificates tab. Network shares analysis Companies use internal network shares to send data and to provide access to files and documents. To prevent attackers from stealing data from your organization Microsoft created new configuration assessments that identify the common weaknesses that expose your endpoints to attack vectors in Windows network shares. The following recommendations will be available as part of the new assessments:
Oudeleeuwenrui 48, bus 4, Antwerp 2000, Belgium