Security Alert: Automatically Fix New Zero-Day Exploit in Microsoft Windows Support Diagnostic Tool with Syxsense Enterprise

ALISO VIEJO, Calif.–(BUSINESS WIRE)–Syxsensa global leader in IT and security management solutions, is offering businesses a 14-day free trial of its Syxsense Enterprise cloud-based IT and endpoint management platform, which includes a pre-built fix for the recently discovered Microsoft Windows Support Diagnostic Tool (MSDT) remote code execution vulnerability (CVE-2022-30190).

Sign up for Syxsense Enterprise free trial here and quickly fix the MSDT remote code execution vulnerability.

The MSDT flaw affects all versions of Windows receiving security updates and was reported by a member of the Shadow Chaser Group. It can be used to execute malicious PowerShell commands through MSDT as arbitrary code execution (ACE) attacks while opening or previewing Word documents. According Microsoft“A remote code execution vulnerability exists when MSDT is invoked using the URL protocol from a calling application such as Word. An attacker who successfully exploited this vulnerability can execute arbitrary code with the privileges of the calling application.The attacker can then install programs, display, modify or delete data, or create new accounts within the scope authorized by the user’s rights.

“This new MSDT vulnerability is yet another reminder that having mechanisms in place to quickly and efficiently patch and remediate endpoint vulnerabilities is key to a strong security posture,” said Ashley Leonard, Founder and CEO of Syxsense. “To help organizations mitigate this latest threat now, we are upgrading all of our Syxsense Secure customers to our Enterprise platform for 14 days so they can resolve this issue quickly, and we are offering all organizations a free trial. of 14 days so that they too can resolve this issue quickly.

Syxsense Enterprise is the industry’s first Unified Security and Endpoint Management (USEM) solution that addresses the three key elements of endpoint security: vulnerabilities, patches and compliance. It is based on a powerful workflow automation tool called Syxsense Cortex™ that fixes and eliminates endpoint security weaknesses, all through a single cloud-based, drag-and-drop management interface with hundreds of pre-built workflows. This includes the ability to identify software vulnerabilities in the operating system and 3^rd third-party apps, bad open port configurations, disabled firewalls, ineffective user account policies and more.

For more information on fixing CVE-2022-30190, see this Syxsense Video or download the free trial today at https://www.syxsense.com/start-a-free-trial-of-syxsense.

About Syxsense

Syxsense is a leading provider of innovative and intuitive endpoint security and management technologies that combine the power of artificial intelligence with industry expertise to help customers predict and remove security threats across all devices, including mobiles. Syxsense is the first unified security and endpoint management platform that centralizes the three key elements of endpoint security management (vulnerabilities, patches, and compliance) and layers them onto a powerful workflow automation tool. work called Syxsense Cortex™, all through a single cloud platform, enabling more efficiency and collaboration between teams. Always-on technology works in real time so businesses can operate undisturbed by security breaches that cripple productivity and expose them to financial risk and reputational damage. For more information, visit www.syxsense.com.