Helient® Blog
Microsoft Mitigates Outlook Elevation of Privilege Vulnerability
by Jeyakumar Durai (JD) Cloud Architect Microsoft Threat Intelligence discovered limited, targeted abuse of a vulnerability in Microsoft Outlook for Windows that allows for New Technology LAN Manager (NTLM) credential theft. Microsoft has released CVE-2023-23397 to address a critical elevation of privilege (EoP) vulnerability affecting Microsoft Outlook clients that connect to both an on-premises Exchange […]
Daylight Saving Time Alert – Important Reminder About Upcoming Clock Change
by Christopher Garcia Practice Lead – Desktop & Applications This is a reminder that Daylight Saving Time Begins at 2:00 AM (EST) on Sunday, March 12th. This semi-annual time change can cause major problems with VDI environments such as machine registration issues, session disconnects, and group policy failures. Whether using Citrix Provisioning Services, Citrix Machine […]
Citrix Announces New CVAD VDA Security Vulnerability
by Daniel Ruiz Practice Lead, Network Infrastructure On February 14th, 2023, Citrix announced new Citrix Virtual Apps and Desktops Windows VDA vulnerability. If exploited, it could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Windows VDA. Helient recommends that customers upgrade to the latest version of […]
Citrix NetScaler 12.1 Going End-of-Life
by Daniel Ruiz Practice Lead, Network Infrastructure Citrix announced an update to End of Maintenance and End of Life dates for version 12.1 of the Citrix ADC (NetScaler). After the 2023 May date, customers will not be able to receive technical support for version 12.1 firmware. Helient recommends upgrading the appliances to version 13.0 Build 89.7 or […]
Helient Prepares Organization For Next Phase of Growth
January 2023, Philadelphia, PA – Helient Systems LLC (Helient) announces organizational changes to prepare the company for the next phase of growth. Helient has grown organically since inception serving Am 100 & 200 Law Firms. Founded by Steve Hatch and James Engelhard in 2012, Helient was designed to bring together top talent and experience to […]
New Exploit Bypasses the URL Rewrite Mitigations in Exchange Servers
by Jeyakumar Durai (JD) Cloud Architect Exchange administrators are aware of the Zero-day vulnerabilities CVE-2022-41040, Server-Side Request Forgery (SSRF) and CVE-2022-41082, Remote Code Execution (RCE) that were reported on September 29, 2022. Responding to these vulnerabilities, Microsoft initially released couple of immediate mitigations (URL Rewrite rule and Disable remote PowerShell access for non-admins) to be performed […]
Citrix Announces New Vulnerabilities in Citrix ADC & Citrix Gateway (NetScalers)
by Daniel Ruiz Practice Lead, Citrix Technologies Citrix announced new vulnerabilities discovered in Citrix ADC and Citrix Gateway. These vulnerabilities have the following identifiers: Affected versions of Citrix ADC and Citrix Gateway: (Citrix ADC and Citrix Gateway version 13.1 is unaffected.) Citrix ADC and Citrix Gateway 13.0 before 13.0-58.32 […]
Citrix Announces New Vulnerabilities in Citrix ADC & Citrix Gateway (NetScalers)
by Daniel Ruiz Practice Lead, Citrix Technologies Citrix announced new vulnerabilities discovered in Citrix ADC and Citrix Gateway. These vulnerabilities have the following identifiers: Affected versions of Citrix ADC and Citrix Gateway: Citrix ADC and Citrix Gateway 13.1 before 13.1-33.47 Citrix ADC and Citrix Gateway 13.0 before 13.0-88.12 Citrix ADC and Citrix Gateway 12.1 before 12.1.65.21 Citrix ADC 12.1-FIPS before 12.1-55.289 Citrix ADC […]
Daylight Saving Time Alert – Important Reminder About Upcoming Clock Change
by Christopher Garcia Practice Lead – Desktop & Applications This is a reminder that Daylight Saving Time ends at 2:00 AM (EST) on Sunday, November 6th. This semi-annual time change can cause major problems with VDI environments such as machine registration issues, session disconnects, and group policy failures. Whether using Citrix Provisioning Services, Citrix Machine […]
Microsoft Intune Connector for Active Directory Requires .NET Framework for Hybrid Azure AD Join Deployments
by Jake Heberling Desktop & Applications Engineer Included as part of the latest updates to Windows Autopilot, Microsoft has announced that starting in September 2022, the Intune Connector for Active Directory (ODJ Connector) will require .NET Framework version 4.7.2 or later to function correctly. This is a critical infrastructure component in Hybrid Azure AD Join […]