Helient® Blog
Microsoft Investigates Reports of Remote Code Execution Vulnerability in MSHTML
by Daniel Ruiz Senior Solutions Architect Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open […]
Helient Launches NEW HeliX® Webpage During ILTACON 2021
August 2021, Philadelphia, PA – Helient Systems LLC (Helient) announces the launch of the new HeliX® website during ILTACON 2021. The one and only complete legal solution that delivers extraordinary value throughout every phase of the Microsoft Windows Desktop lifecycle, HeliX is the software necessary to keep the CIO on top of the curve. With […]
Chris Hines Joins Helient As Managing Director, Microsoft Cloud Services Leading Digital Transformation, Office 365 & Azure Solutions
August 2021, Philadelphia, PA – Helient Systems LLC (Helient) is pleased to announce Chris Hines has joined the company as Managing Director, Microsoft Cloud Services. Formerly the General Manager of the Microsoft business unit of a large global digital consultancy and award-winning Microsoft NSI partner, Chris was responsible for advising Fortune 500 customers and leading […]
Microsoft Announces New Windows Print Spooler Vulnerability
by Christian Vindel Desktop & Applications Architect On August 11, 2021, Microsoft announced a new vulnerability related to its Windows Print Spooler Service. CVE-2021-36958 has been published to track this issue. This vulnerability has a security rating of 7.3 out of 10 which is considered a high risk. This new announcement from the Redmond, WA […]
Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability
by Michael Trantas Senior Solutions Architect Microsoft has recently identified a new vulnerability that will allow a potential attacker the ability to establish a man-in-the-middle exploit between your local Azure AD Connect server and a domain controller. This is especially important because it requires that the attacker possess a set of domain user credentials that […]
Citrix Announces ShareFile Storage Zone Controller Vulnerability
By Richard Charlton Senior Systems Engineer Citrix recently announced that file encryption may have been mistakenly disabled after running the CTX269106 mitigation tool. This vulnerability (CVE-2021-22932) potentially allows for the clear text storage of data that should be encrypted. All customers running an on-premises version of ShareFile are advised to review their configuration to check […]
Microsoft Word and Excel Macros for DeskSite and FileSite Expire August 26, 2021
by Jared Barraford Managing Director What is the Advisory? On July 16th, 2021, iManage has released an updated CSAR for all customers running DeskSite or FileSite builds on any version of 9.3.6 or earlier that requires an update to prevent Microsoft Word and Excel from disabling the use of the Save, Save As, Open and […]
HiveNightmare AKA SeriousSAM (CVE-2021-36934)
by Jared Barraford Managing Director What is the Vulnerability + Risk? It has been discovered through various independent security researchers that Microsoft Windows 10 dating back potentially to build 1809, including upgrades from earlier releases to 20H2, has inadvertently introduced overly permissive ACLs on critical system directories that contain sensitive information such as password hashes, […]
Citrix ADC (NetScaler) New Security Vulnerabilities
by Daniel Ruiz Senior Solutions Architect Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. Citrix strongly recommends that affected customers install relevant updates as soon as possible. If exploited could result in the following security issues. Vulnerabilities: CVE-2021-22919 – Unauthenticated requests […]
Updated: Citrix Virtual Apps and Desktops (XenApp & XenDesktop) Security Vulnerability
by Daniel Ruiz Senior Solutions Architect Updated: July 14, 2021 Citrix recently announced a new vulnerability in Citrix Virtual Apps and Desktops (formally known as XenApp & XenDesktop) that if exploited, could allow a user of a Windows VDA with Citrix Profile Management or the Citrix Profile Management WMI Plugin installed with Local privilege escalation […]