Skip to main content
Monthly Archives

April 2015

Verismic Does Remote PC Power Management

By NewsNo Comments

Verismic enhanced its Syxsense with Verismic Power Manager. This updated version of Verismic’s cloud-based IT management software includes remote-control capabilities for PC power management.

Verismic’s CMS allows organizations to proactively monitor and manage their IT infrastructure and reduce energy costs. Verismic says its CMS does not require the installation of software, compared to most endpoint management solutions that run the risk of conflicting with existing client software.

Power Manager is now natively integrated into the CMS. It monitors computer activity throughout each day to reduce power consumption without impacting user productivity and powers down unused devices overnight. The Power Manager module will support multiple power vendors, currencies and power rates – even for complex, international organizations.

Read the feature on

[vc_single_image image=”4007″ img_size=”medium” alignment=”center”]

Verismic Enhances Award-Winning Syxsense With Real-Time Energy-Saving Solution

By NewsNo Comments

First-of-Its-Kind Agentless Systems Management Software Provides Enterprises With Environmental IT Solution, Just in Time for Earth Day

ALISO VIEJO, CA–(Marketwired – Apr 22, 2015) – Verismic, a global provider of IT management solutions delivered from the cloud, today announced the roll-out of its newly upgraded Syxsense , enhanced with Verismic Power Manager — the most advanced, non-disruptive PC power management software on the market. This updated version of Verismic’s cloud-based IT management software suite will include superior remote-control capabilities and will provide enterprises with cost- and energy-savings from one of the most awarded PC power management solutions just in time for Earth Day.

[vc_single_image image=”4718″ img_size=”medium” alignment=”center”]

“Each April, we are reminded of the increasingly critical responsibility we bear to become stewards of the environment, regardless of industry,” says Verismic President and CEO, Ashley Leonard. “At Verismic, we take this to heart — all year round — by working to provide organizations with green IT solutions at a time when energy consumption across the globe is at an all-time high. By leveraging technology from our industry-leading Power Manager platform, we can protect our customers’ enterprise networks through CMS’ unmatched endpoint management capabilities and protect the environment by managing IT system-generated electricity over-use.”

Designed and built for the cloud, Verismic’s CMS allows organizations to proactively monitor and manage their IT infrastructure and reduce energy costs — saving on utility bills month after month, year after year. While most endpoint management solutions run the risk of conflicting with existing client software and require agents that can take months to deploy, Verismic’s CMS — with no software to install — eliminates the need for dedicated staff, servers and skills to manage enterprise IT infrastructure and is accessible from any supported web browser.

Power Manager, which is offered as a stand-alone solution from Verismic and is now natively integrated into CMS, monitors computer activity throughout each day to reduce power consumption without impacting user productivity and powers down unused devices overnight, resulting in a streamlined environment and an improved bottom line. The addition of the Power Manager module to CMS will allow for greater enterprise efficiency, and will support multiple power vendors, currencies and power rates — even for the most complex, international organizations

“Our school district currently uses about 16,000 computers — between desktops, laptops, tablets and iPads — that all require time-sensitive, large-scale software distributions and uninterrupted workflows,” says Marilyn Christie, network and systems engineer for Kyrene School District. “Verismic helps us reduce our carbon footprint and successfully manage necessary maintenance windows — from shutting computers down and waking them up for students, to carrying out specific tasks automatically like addressing applied patches and checking anti-virus software.”

For more information on Verismic’s energy-saving and award-winning Syxsense, visit

ABOUT VERISMIC: Verismic Software, Inc. is a global industry leader providing cloud-based IT management technology and green solutions focused on enabling greater efficiency, cost-savings and security control for users, all while engaging in endpoint management. Headquartered in Aliso Viejo, Calif., Verismic is a growing and dynamic organization with offices in four countries and 12 partners in nine countries. Over the past two years, Verismic has worked with more than 150 companies ranging from 30 to 10,000 endpoints delivering a variety of solutions for organizations of all sizes as well as managed service providers (MSPs). Verismic’s software portfolio includes the first-of-its-kind agentless, Syxsense ; Power Manager; Software Packaging and Password Reset. For more information, visit


    Leslie Licano
    Beyond Fifteen Communications, Inc.
    [email protected]
[vc_single_image image=”4711″ img_size=”medium” alignment=”center”]
Patch Tuesday

HTTP.sys vulnerability fixed in April’s Patch Tuesday

By News, Patch Management, Patch TuesdayOne Comment

In this month’s patch updates from Microsoft there’s a total of 11 bulletins – four Critical and seven Important – covering 26 separate vulnerabilities. “We’re going to look at each of the four Critical updates in turn”, says Robert Brown, Director of Services at Verismic.

Data Encryption The first of the Critical updates from Microsoft, MS15-032, covers 10 separate vulnerabilities in Internet Explorer – nine of which are the most severe and can allow for remote code execution. However, there are two other Critical updates that you should be paying attention to – MS15-033 and MS15-034.

MS15-033 addresses five separate vulnerabilities in Microsoft Office, all of which could allow remote code execution. If that doesn’t encourage you to apply this patch, perhaps you should consider that one of the vulnerabilities within the update is currently being exploited in the wild. This is the only vulnerability in this month’s update that is known to be actively exploited.

The third Critical vulnerability has a CVSS of 10.0 from US-CERT, which is the highest rating possible. This patch should be your first priority above all others. Although the likelihood of this vulnerability being exploited is low it is a credible threat to your business and the potential damage it could cause is massive. The vulnerability can be exploited if an attacker sends a specially crafted HTTP request to an affected Windows system. Unlike the other Critical patches this month, MS15-034 requires no user interaction whatsoever, which makes it so dangerous.

The final Critical bulletin for April, like the first two this month, has a CVSS of 9.3. The vulnerability could allow remote code execution if an attacker successfully convinces a user to browse to a specially crafted website, open a specially crafted file, or browse to a working directory that contains a specially crafted Enhanced Metafile (EMF) image file. In all cases, however, an attacker would have no way to force users to take such actions; an attacker would have to convince users to do so, typically by way of enticements in email or Instant Messenger messages.

The remaining Important bulletins address vulnerabilities that could allow elevation of privilege, bypassing security features, information disclosures, and denial of service vulnerabilities.

Once you’ve prioritised your patches, I would always advise that you stage your roll out by testing and piloting the updates before deploying widely. This will help identify any compatibility issues. This should be done as standard each month, which is something we’ll always do for customers and MSPs through Syxsense.

Update no.

CVSS Score Microsoft rating Affected software Details


10.0 Critical Microsoft Windows Vulnerability in HTTP.sys could allow remote code execution
MS15-032 9.3 Critical Microsoft Windows, Internet Explorer

Cumulative security update for Internet Explorer


9.3 Critical Microsoft Office Vulnerabilities in Microsoft Office could allow remote code execution
MS15-035 9.3 Critical Microsoft Windows Vulnerability in Microsoft Graphics Component could allow remote code execution
MS15-038 7.2 Important Microsoft Windows Vulnerabilities in Microsoft Windows could allow elevation of privilege
MS15-037 6.9 Important Microsoft Windows Vulnerability in Windows Task Scheduler could allow elevation of privilege
MS15-036 4.3 Important Microsoft Server Software, Productivity Software Vulnerability in Microsoft SharePoint Server could allow elevation of privilege
MS15-039 4.3 Important Microsoft Windows Vulnerability in XML Core Services could allow security bypass feature
MS15-042 2.7 Important Microsoft Windows Vulnerability in Hyper-V could allow denial of service
MS15-041 2.6 Important Microsoft Windows, Microsoft .NET Framework Vulnerability in .NET Framework could allow information disclosure
MS15-040 1.9 Important Microsoft Windows

Vulnerability in Active Directory Federation Services could allow information disclosure


Enterprise Security Trends that Will Rule 2015

By NewsNo Comments

From 3D printers that can replicate the intricate details of the human heart to wearable technology that tracks everything from blood pressure to incoming emails, 2015 shows great promise in becoming “Year One” of the new digital world order. But before we get too distracted, it’s worth paying attention to—and learning from—the past, which has consistently revealed where even the most established industry giants stumble: enterprise security.

Last year alone, the U.S. witnessed colossal data breaches in both the public and private sectors—from home improvement, to health care, to the entertainment industry—including the highly publicized Sony attack. While it may have been the latest wake-up call, the Sony scandal was by no means the most significant. A string of breaches, including Home Depot, Target, Goodwill Industries, Dairy Queen and JP Morgan, which single-handedly affected 76 million households and 7 million small businesses, sent shockwaves throughout the world.

[vc_single_image image=”4514″ img_size=”full” alignment=”center”]

Enterprise Infrastructure

If 2014 was the year of the hack, it’s logical to conclude that 2015 will be the year of fighting back. As diligently as an enterprise works to innovate groundbreaking advances in products and services, so too must they implement enterprise security solutions. Recent breaches, including leaks of users’ personal data and credentials from popular services like Dropbox and Apple iCloud have once again identified cybersecurity as a harrowing issue that requires immediate attention from both users and enterprises. Rather than focusing solely on prevention, however, today’s enterprises are now proactively beginning to use monitoring techniques for quick identification of and response to any kind of potential infiltration before it occurs. This trend, say analysts at the Gartner Security & Risk Management Summit—which takes a comprehensive look at the entire spectrum of IT security—will expand and evolve organizational roles to include a digital risk officer (DRO)

Read the full article on