Skip to main content
Start a Conversation

Unsolved

prreynolds

1 Rookie

 • 

19 Posts

789

July 30th, 2021 10:00

Monthly Dell Data Security Technical Newsletter

 

Dell Data Security Technical Newsletter 

Volume 76, July 2021 

 prreynolds_0-1627666996326.png

 

Dell Data Security Chat

For U.S. customers only, Chat support is now available Monday through Friday, 7 a.m. to 7 p.m. CST.

 Dell Data Security ProSupport for Software

24x7 support and issue resolution from a team of technicians.

Within the U.S., the dedicated number is 877.459.7304, X4310039.

For a list of in-country phone numbers, click here.

 NEW: Dell Data Security Advanced Support for Software

Direct and easy access to your own dedicated security expert.

Support for all of your Dell endpoint security software.

Personalized support including customized communication plans, health checks and more!

For more information, click here or contact your account executive.

Dell Trusted Device 3.4

Dell Trusted Device (DTD) 3.4 was released in July.  For more information on DTD, please see “What is Dell Trusted Device?

Resolved Technical Advisories for DTD v3.4

An issue resulting in BIOS Verification identifying supported platforms as unsupported is resolved. [DPS-3267]

Technical Advisories for DTD 3.4

When run interactively, the BIOS Verification browser-based result does not resolve. As a workaround, run BIOS Verification in headless mode. For more information, see the Trusted Device Installation and Administrator Guide. [DPS-3670]

____________________________________________

Netskope Version 87 Available

Netskope Version 87 is available, containing 13 new features and 11 fixes.

Netskope Version 87 Release Notes can be found here.

___________________________________________

Netskope Secure Web Gateway

Netskope has updated Secure Web Gateway to allow for additional content filtering options, along with additional protections for most browsers that may be installed on endpoints. Additionally, more views and reports have been added to allow for tracking of data and ensuing the efficacy of Secure Web Gateway and Private Access from Netskope.

Check out What is Netskope Secure Web Gateway and see how this solution can help you meet regulatory compliance and enforce acceptable use in your environment.

If you are interested in an evaluation, please see How to Request a Dell Endpoint Security Evaluation.

Vulnerability in Dell Security Management Server Addressed

Dell has launched the Dell Security Management Server v11.1.1.159 and Dell Security Management Server Virtual v.11.1.1.2. These contain fixes for high value vulnerabilities based on the version of Jetty included in 11.0.1 and prior versions of the Dell Security Management Server and Dell Security Management Server Virtual.

It is not believed that these vulnerabilities have active exploit in relation to the SMS/SMSv, but it is highly recommended customers patch in the near-term.

More information on the vulnerabilities can be found here.

 

DSMS 11.1.1.159

Technical Advisories

 

DSMSv 11.1.1.2 (Hyper-V)

DSMSv 11.1.1.2 (VMware)

Technical Advisories

____________________________________________________________________________________

Vulnerability in Dell Security Management Server - DSA-2021-130

A vulnerability was identified within the Dell Security Management Server, specifically with the PostgreSQL version that is leveraged within the Windows version of the Dell Security Management Server.

A Dell Security Advisory has been published and is available for review.

What is the issue?

Dell Security Management Server 11.0.0.147 and earlier contain a version of PostgreSQL that contains multiple vulnerabilities that can lead to unprivileged code execution, along with sensitive information being in unprotected directories.

NOTE: Dell Security Management Server Virtual 10.2.13 and later are unaffected by this issue.

What is being done?

Dell has released the Dell Security Management Server 11.0.1.152 on support.dell.com, which is an in-place upgrade for 11.0.0.147 and earlier builds. This version contains an upgrade to 11.12-2, which resolves all currently known vulnerabilities.

This update can be found here.

Technical Advisories are currently being updated, and will be available here soon

How can customers identify if they are affected?

On the Windows Server that hosts the Dell Security Management Server, the customer can look within Programs and Features, and inspect the “version” column for the installed server. This example shows a vulnerable version, 10.2.10:

prreynolds_1-1627666996332.png

The WebUI can also be leveraged to identify. Simply select the gear in the upper-right and select About.

prreynolds_2-1627666996334.png

This will show the version of the DSMS:

prreynolds_3-1627666996340.png

Dell is working on publicizing this information to ensure customers are aware of this issue and have access to the available updates.  

 

 

No Responses!

View More

View All

No Events found!

Top