This is concerning from a security stand point for any user with access can store anything in their toolbox and there doesn't seem a way to ensure the tool version is current or even vetted...and not an application that was compromised and never updated.

This is concerning from a security stand point for any user with access can store anything in their toolbox and there doesn't seem a way to ensure the tool version is current or even vetted...and not an application that was compromised and never updated.

We have an issue with our Zero Trust whitelisting application that blocks control upgrades every month. This should really be signed so that we can create a specific rule to help the system identify it as ok and allowed.

The other issue is that the .msi file name and hash changes all the time as well making there nothing specifically identifiable that this is from ConnectWise control to allow or whitelist.