Currently, the unattended installer file will work forever. However, partner would like the unattended installer file to stop working after X days so that anyone who uses an older installer won't be able to randomly add it to any machines.
Hi I wanted to follow up on this thread to see if this will be in production soon. We too have this issue of old installers being used to test access to our instance. Driving my InfoSec team crazy! Thanks
You must be new to Screenconnect....till security flaws hit at least 10 years old they stay on the TODO list.
2 years to go...
We have a former customer compromised by ransomware and had our ScreenConnect client install file uploaded/exfiltrated as part of the attack. We're concerned about how that file may now be used as part of a spear-phishing attack against us, or other associated security risks now that a ransomware gang has published our SC install file on their site for the public to see, download, and utilize. An expiring installer would be helpful for this type of situation.
One thing you could do at the moment is set up filters on your session groups to check for a specific value in one of the custom properties, and then set that custom property to that value for any installers you make going forward (and on your existing sessions).
Of course, how practical this is might depend on how many session groups you have and how often you make new installers, so it's really just a workaround, but it's a way to limit where new sessions from old installers show up and make it more difficult to use them for phishing.
Random machines show up in our instance.
This may be due to a published installer for my instance.
Want the ability to delete or disable previous installers.