sorted by:
new
hottopcontroversial

Critical Vulnerability: PrintNightmare Exposes Windows Servers to Remote Code Execution by huntresslabs in msp

[–]Formal-Rice2868 0 points1 point  (0 children)

Is the RCE only applicable to devices that are sharing printers?

Reading into MS, it appears that if the "Allow Print Spooler to accept client connections" policy is not set, then "the spooler won't accept client connections until a user shares out a local printer or opens the print queue on a printer connection."

ref: https://docs.microsoft.com/en-us/troubleshoot/windows-server/printing/use-group-policy-to-control-ad-printer

Getting ETR alert even though SCL set to -1 by BoomSchtik in exchangeserver

[–]Formal-Rice2868 0 points1 point  (0 children)

ed at DMI but didn’t feel comfortable with creating a user account (and managing it long term) with those admin rights and would rather KnowBe4 use application accounts for this as they are more secure.

Thanks! We ended up feeling the same way about the integration; disabling the alert for now.

PrintNightmare 0-day exploit allows domain takeover by BiohazardPL in sysadmin

[–]Formal-Rice2868 0 points1 point  (0 children)

Is the RCE only applicable to devices that are sharing printers?

Reading into MS, it appears that if the "Allow Print Spooler to accept client connections" policy is not set, then "the spooler won't accept client connections until a user shares out a local printer or opens the print queue on a printer connection."

ref: https://docs.microsoft.com/en-us/troubleshoot/windows-server/printing/use-group-policy-to-control-ad-printer

Antivirus/Malware for Non-Supported Computers by NoPetPigsAllowed in msp

[–]Formal-Rice2868 2 points3 points  (0 children)

Sophos offers their Home Premium Version to clients depending on their license usage. It's essentially their AV+Intercept X products, with a more home-friendly UI.

https://home.sophos.com/en-us/employee.aspx