6 Holiday Shopping Scams to Watch Out For
The holiday season is here, bringing the excitement of discovering amazing deals during Black Friday and Cyber Monday. But while you’re hunting for...
3 min read
Byron Martin : Feb 23, 2024
ConnectWise is addressing a critical vulnerability discovered in ConnectWise ScreenConnect, its remote desktop and access software that enables MSP techs to directly access a user’s computer. The company has been alerting all MSPs using on-prem versions of the software to update it immediately.
ConnectWise disclosed two critical vulnerabilities in ScreenConnect versions 23.9.7 and earlier on February 19, 2024. These vulnerabilities allow attackers to:
As Managed Service Providers (MSPs) rely heavily on ScreenConnect for remote access and support, these vulnerabilities create a significant attack vector. Exploiting these vulnerabilities could allow attackers to:
Please ask your IT Support Company to review this message and take the following steps:
According to ConnectWise, within 36 hours of confirming the vulnerability, the company applied a manual mitigation for all Cloud partners (ScreenConnect, RMM AND Automate/Hosted RMM). Completing this action meant that all Cloud partners were protected by February 16th without requiring ConnectWise to do a version update, meaning it would not reflect a version change for users.
Additionally, ConnectWise began upgrading all ScreenConnect and Automate/Hosted RMM Cloud partners to the latest 23.9 version. No further action is required from cloud partners using “screenconnect.com” cloud and “hostedrmm.com” instances.
Connectwise has released a patch for on-premises ScreenConnect, updating to version 23.9.8.
MSPs need to take immediate action to address these vulnerabilities:
This serves as an excellent reminder for us all; that we must stay vigilant for cyber risks from not only our primary software providers but also, we need to verify that other third parties that we may allow access to our infrastructure are following appropriate cybersecurity practices as well.
There are many cybersecurity news outlets distributing information about this incident. Sadly, there are numerous reports that servers that went unpatched for as little as 36 hours have already been compromised, reiterating the need to make sure third parties remain ultra-diligent to keep our cyber infrastructure safe.
Remember, cybersecurity is not a one-time event; it's an ongoing process that requires continuous awareness and adaptation.
The latest security bulletin from ConnectWise can be found here: https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8.
Teknologize is a SOC 2 accredited, Professional Technology Services company with clients throughout the Pacific Northwest. We have offices located in:
Questions about your IT or Cybersecurity? Give us a call today!
The holiday season is here, bringing the excitement of discovering amazing deals during Black Friday and Cyber Monday. But while you’re hunting for...
Ah, the holiday season, when everything sparkles, sales soar, and your to-do list rivals Santa's naughty and nice list. For businesses, it's a time...
IMPORTANT: Microsoft recently announced the official end of support for Windows 10 on October 14, 2025. After this date, while your...