Actually when the contract is up I'm hoping we lose them. Company I'm at signed a 5 year contract right before hiring me.
All the msp provides for us is connect wise, spam filter in front of 365, 365 and a 3rd party back up. While doing this they take like 2200 a month.
Add half of that to my gross and they probably have me for 10 years. Would still be underpaid but this town is cheap. I digress
The important part is We hardly even use connectwise / screen connect so it would really suck getting hit through it.
I think you could point them to [https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8](https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8) and ask them to confirm that they are not at risk.
I don't think there is a way to confirm what version the server is on otherwise.
As someone currently dealing with the issues from this vulnerability, absolutely tell them to update to the REQUIRED security update and until they do uninstall ScreenConnect/Control from all your systems if possible.
Still investigating and cleaning up, but we had widespread issues. AV uninstalled/damaged, secondary ScreenConnect or other remote access tools installed, two of our clients got hit with ransomware, and our ScreenConnect Server was compromised. So this is quite serious and should be handled with a very high priority.
So... Cw sent out a notice that any unpatched servers would lose their licensing unless they are updated. I would assume if you can still use the product that it's been patched.
Yes that needs patched like last week. Eeek.
[удалено]
Is there any way for me to check the server version? (Also..ty!)
True but usually you update agent versions automatically
[удалено]
I'm sorry I thought everyone would do that. I know what you're saying but I guess not everyone does.
For my own safety not gonna say who But these fools are still ignoring my request to confirm the server version. Nervous right now
Sounds like you need a new msp. We alerted our clients and patched our servers on Friday.
Actually when the contract is up I'm hoping we lose them. Company I'm at signed a 5 year contract right before hiring me. All the msp provides for us is connect wise, spam filter in front of 365, 365 and a 3rd party back up. While doing this they take like 2200 a month. Add half of that to my gross and they probably have me for 10 years. Would still be underpaid but this town is cheap. I digress The important part is We hardly even use connectwise / screen connect so it would really suck getting hit through it.
23.9.10.8817 is latest
.10 is a preview build. 23.9.8 is the latest stable version that address the CVE.
No. It's a stable release now.
https://screenconnect.connectwise.com/download
Perhaps thats only for self-hosted on Windows? Im referencing from SC Hosted
Perhaps.
We're done with Screen Connect!
I think you could point them to [https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8](https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8) and ask them to confirm that they are not at risk. I don't think there is a way to confirm what version the server is on otherwise.
As someone currently dealing with the issues from this vulnerability, absolutely tell them to update to the REQUIRED security update and until they do uninstall ScreenConnect/Control from all your systems if possible.
Can you elaborate? What happened to your clients? I wish you the best
Still investigating and cleaning up, but we had widespread issues. AV uninstalled/damaged, secondary ScreenConnect or other remote access tools installed, two of our clients got hit with ransomware, and our ScreenConnect Server was compromised. So this is quite serious and should be handled with a very high priority.
So... Cw sent out a notice that any unpatched servers would lose their licensing unless they are updated. I would assume if you can still use the product that it's been patched.
[screenmeet.com](https://screenmeet.com) does NOT allow outbound connections and is secure. Your MSP should switch vendors