{"id":778,"date":"2024-02-15T06:44:19","date_gmt":"2024-02-15T06:44:19","guid":{"rendered":"https:\/\/sygitechblog.bhaskaryadav.me\/?p=778"},"modified":"2024-07-19T12:28:27","modified_gmt":"2024-07-19T12:28:27","slug":"security-and-vulnerability-assessment-by-managed-it-services","status":"publish","type":"post","link":"https:\/\/www.sygitech.com\/blog\/security-and-vulnerability-assessment-by-managed-it-services\/","title":{"rendered":"Security and Vulnerability assessment by Managed IT services"},"content":{"rendered":"\n

Oct 2022<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Expertise, good analytics and defense mechanisms are required against advanced cyber attacks. In hybrid environment systems, tools and applications are in cloud and non- cloud premises. The Security admin team might struggle with threat detection and response. <\/p>\n\n\n\n

Security analyst \/ infrastructure management analyst  help you to detect, triage, investigate and respond to such potential threats with apt analysis before they impact business. Vulnerability assessment and management as a service can help you with day-to-day operations to experts who provide granular focus of each vulnerability.<\/p>\n\n\n\n

Recently, Microsoft has released workaround guidance to address a remote code execution (RCE) vulnerability\u2014CVE-2022-30190, known as “Follina”\u2014affecting the Microsoft Support Diagnostic Tool (MSDT) in Windows. A remote, unauthenticated attacker could exploit this vulnerability to take control of an affected system. Microsoft has reported active exploitation of this vulnerability in the wild.<\/em><\/p>\n\n\n\n

ref:Microsoft Releases Advisory to Address Critical Remote Code Execution Vulnerability (CVE-2022-26809) | CISA<\/em><\/p>\n\n\n\n

The defense in fix is incorporated into the cumulative updates for Windows 10 and newer versions. When URL protocol is used for calling MSDT from any application such as word, a remote code vulnerability exists. In this case, an attacker can run arbitrary code with privileges. Microsoft took care of such a vulnerability by introducing software patches in Windows 10 version and higher.  <\/p>\n\n\n\n

For Windows 7 and 8, You can use the SCCM (system center configuration manager) application<\/strong> to fix the Remote Code Execution Vulnerability. <\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Ref: Security and Vulnerability Management Market Expected to Grow (openpr.com)<\/p>\n\n\n\n

The main types of security vulnerabilities based on their more extrinsic weaknesses:<\/p>\n\n\n\n