Trust Center

Microsoft has recently issued an urgent security advisory regarding a critical vulnerability (CVE-2025-53770) in on-premises installations of Microsoft SharePoint Server, a widely used platform for collaboration, file sharing, and web publishing. These vulnerabilities could allow threat actors to bypass authentication and execute remote code, potentially gaining control of affected systems. Microsoft has confirmed active exploitation attempts targeting on-premises SharePoint Server environments.

Data Intensity does not utilize Microsoft SharePoint server but instead utilizes Microsoft 365 version of SharePoint.

If your organization utilizes any of the impacted versions of Microsoft SharePoint Server, it is imperative that you take the following steps immediately:

• Review Microsoft’s official guidance and mitigation procedures: SharePoint vulnerability CVE-2025-53770
• Plan and implement appropriate security and mitigation measures.
• Investigate and apply controls to detect and mitigate any signs of compromise.

Feel free to reach out to security@dataintensity.com with any questions or concerns.

Oracle has released its quarterly Critical Patch Update (CPU) for July 2025. The Oracle CPU is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches added since the last Critical Patch Update Advisory and does not contain updates from prior CPUs.

The Data Intensity technical team and Customer Success Managers will coordinate directly with customers to facilitate any required mitigations based on their exposure, patching cadence and availability of support.

Oracle Critical Patch Update Advisory - July 2025
Oracle Critical Patch Updates, Security Alerts and Bulletins

Oracle has released the Critical Patch Update for October 2024. It is suggested that users of these products review the vulnerabilities, prioritizing the application of updates to critical, publicly exposed systems without extensive mitigating controls and those with a higher risk factor. Data Intensity support staff is in the process of reviewing the impact of these vulnerabilities to supported customers and will be communicating to customers based on the analysis and to setup patch windows based on the customers agreed upon patching cadence. Additional guidance and analysis will be posted here as made available.

Oracle Critical Patch Update Advisory - October 2024
Critical Patch Update for October 2024 Now Available - Oracle Blogs

Data Intensity has been made aware of and has identified multiple customers impacted by a recent update to the CrowdStrike Falcon sensor which can cause Windows systems to crash. This issue has impacted Windows systems that utilize CrowdStrike on a global scale. Windows servers are getting stuck in a reboot loop after being updated, preventing resolution via automatic update from CrowdStrike or by support engineers. The current identified fix for this issue is to manually boot to Windows Safe Mode and remove a file from the filesystem.

Data Intensity is proactively reaching out to customers that are confirmed or potentially impacted.

If you are serviced by Data Intensity and require assistance in relation to this issue or any other critical issue, please create a critical ticket via the Data Intensity ServiceNow Portal, contact the Data Intensity support team at the number found on the website https://www.dataintensity.com/about-us/contact/, or contact your Data Intensity Customer Success manager.

Additional Information can be found below:
https://www.windowslatest.com/2024/07/19/windows-10-crashes-with-bsod-stuck-at-recovery-due-to-crowdstrike-update/
https://supportportal.crowdstrike.com/s/login/?ec=302&startURL=%2Fs%2Farticle%2FTech-Alert-Windows-crashes-related-to-Falcon-Sensor-2024-07-19 (requires CrowdStrike access)

ServiceNow published a Critical CVE on July 10, 2024. CVE-2024-4879, ranked 9.3 via CVSSv4, is a critical input validation vulnerability that could permit unauthenticated remote code execution. Data Intensity has reviewed the details and confirmed that currently the Data Intensity ServiceNow instance is on Washington DC Patch 1 Hot Fix 3b, which contains the fix for this particular vulnerability.

Details on the vulnerability can be found here: KB1644293

If you have any questions, please reach out to security@dataintensity.com.