Helient® Blog
Apache Log4j Remote Code Execution Vulnerability
by Jared Hamilton Managing Director, Systems Engineering Over the past few days, the security community became aware of active exploitations of a recently disclosed vulnerability in Apache Log4j. This critical vulnerability (CVE-2021-44228), also named Log4Shell or LogJam, is a common component of the Apache Java-based software library, used for logging purposes. If the vulnerability is […]
Palo Alto Firewall Vulnerability Discovered
by Robinson Roca Practice Leader – Network Infrastructure Firms using Palo Alto Firewalls with PAN-OS 8.1.17 or earlier; Helient recommends an upgrade as soon as possible. A vulnerability has been discovered. The Vulnerability CVE-2021-3064 is categorized with a CVSS Score of 9.8. That is extremely high on the scale, and needs to be mitigated as […]
Microsoft Urges Exchange November Security Update
by Michael Bianchi Senior Solutions Architect Microsoft announced an Exchange exploit today that requires immediate attention and remediation. CVE-2021-42321 is a post-authentication vulnerability that affects Exchange 2013, 2016 and 2019. This exploit is capable of opening remote shells and delivering malicious payloads, including crypto attacks. Helient and Microsoft both recommend getting to the minimum patch […]
Multiple Vulnerabilities Discovered in Citrix ADC, Gateway and SD-WAN WANOP
by Daniel Ruiz Senior Solutions Architect Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. Citrix strongly recommends that affected customers install relevant updates as soon as possible. If exploited could result in the following […]
Daylight Saving Time Alert – Important Reminder About Upcoming Clock Change
by Armen Gharibian Managing Director This is a reminder that Daylight Saving Time ends at 2:00 AM (EDT) on Sunday, November 7th. This semiannual time change can cause major problems with VDI environments such as machine registration issues, session disconnects, and group policy failures. Whether using Citrix Provisioning Services, Citrix Machine Creation Services, or VMware […]
VMware Removes Option For SD Card/USB as a Standalone Boot Device
by Danny Simmons Senior Systems Engineer VMware has announced that starting from the next major vSphere release, SD cards/USB media as a standalone boot device will not be supported. The decision to remove this option came about due to the many issues related to device reliability when SD cards are used as the boot device […]
VMware Announces vCenter Server & Cloud Foundation Vulnerabilities With 9.8 Severity Rating
by Danny Simmons Senior Systems Engineer VMware announced on September 21st, 2021 (Advisory ID: VMSA-2021-0020) nineteen new vulnerabilities that target vCenter Server 6.5, 6.7 and 7.0 as well as Cloud Foundation (vCenter Server) versions 3.x and 4.x. CVE-2021-22005 is the most concerning out of the nineteen vulnerabilities as it has a severity rating of 9.8 […]
Citrix ShareFile Storage Zones Controller Security Update
by Danny Simmons Senior Systems Engineer Citrix recently announced that a security issue has been identified in Citrix ShareFile storage zones controller. This issue (CVE-2021-22941) potentially allows for an unauthenticated attacker to remotely compromise the storage zones controller. All currently supported versions of Citrix ShareFile storage zones controller before 5.11.20 are affected by this issue. […]
Helient® Sponsors Nutanix Global .NEXT Digital Experience 2021
September 2021, Philadelphia, PA – Helient Systems LLC (Helient) is pleased to be a bronze sponsor of this year’s Nutanix Global .NEXT Digital Experience 2021 to be held virtually September 20-23. Cloud on Your Terms is this year’s theme and Helient is proud to showcase the latest trends in HCI, private, hybrid and multi-cloud architectures including robust EUC applications for […]
Critical Apple Release to Fix Security Vulnerabilities
by Daniel Ruiz Senior Solutions Architect Today Apple released several updates for macOS Big Sur 11.6, iOS 14.8, iPadOS 14.8, and watchOS 7.6.2 to fix security vulnerabilities. The updates fix issues that allows an attacker to bypass Apple’s BlastDoor security sandbox. Vulnerabilities: CoreGraphics CVE-2021-30860 WebKit CVE-2021-30858 Impact: CoreGraphics CVE-2021-30860: Processing a maliciously crafted PDF may lead to […]