Autonomous IT

A routine support ticket reveals a deeper truth about patch management. Your patching tool says "done," but your vulnerability scanner disagrees – so who's right? In this episode, Automox SVP of Customer Experience Charles Coaxum walks through a real customer case. Dozens of machines showed as patched in the dashboard but were flagged as vulnerable by the scanner. The culprit wasn't a bug or misconfiguration. It was the often-overlooked gap between patch execution and patch completion. Learn why pending reboots create silent compliance gaps. Discover how to identify endpoints stuck in limbo. And see how automation turns hours of manual investigation into a minutes-long fix.

March 2026's Patch Tuesday brings no active exploitations, but don't let that fool you. This month, Ryan Braunstein and Henry Smith break down why medium-severity vulnerabilities deserve your full attention.

First up: a Push Message Routing Service memory leak (CVE-2026-24282, CVSS 5.5) that lets attackers scrape session tokens and private keys from heap memory. Then, a pair of GDI bugs (CVE-2026-25181 and CVE-2026-25190) that chain together to defeat ASLR and deliver remote code execution with near-perfect reliability. Henry covers a Windows Accessibility Infrastructure flaw (CVE-2026-24291) hiding in a service most teams never think to harden, plus an SMB authentication bypass (CVE-2026-24294) that echoes EternalBlue and WannaCry.

What you'll learn:
- How attackers chain medium-severity bugs into full compromise paths
- Why the Push Message Routing Service is a target-rich environment for credential theft
- How a two-stage GDI exploit defeats ASLR with near-100% reliability
- Why accessibility services are blind spots on your hardening checklists
- What SMB's history with EternalBlue and WannaCry means for this month's auth bypass

Patch your systems. Audit your service accounts. Don't skip the mediums.

In this episode, Jeremy Maldonado shares his experiences and insights on server management, highlighting the importance of learning from mistakes, the power of automation, and finding balance between Linux and Windows environments. He discusses the challenges and rewards of managing servers, the pivotal role of Ansible in streamlining operations, and the confidence required to maintain a reliable infrastructure. Jeremy encourages listeners to view setbacks as opportunities for growth while reminding us to be kind to ourselves throughout our professional journeys.

This episode originally aired March 6, 2025

The all-knowing IT pro is a myth. In this episode, Automox Senior Solutions Consultant Jeremy Maldonado breaks down why curiosity and asking for help are the real foundations of a successful IT career. He shares how he went from feeling nervous about asking questions to becoming a trusted resource for IT teams across industries, including hospitals, local governments, and school districts.

Jeremy also pulls back the curtain on what he does day to day on the Automox Professional Services team: reviewing IT admins' environments, evaluating patching schedules, and working collaboratively to fine-tune configurations. Rather than coming in as the all-knowing expert, he explains why the best results come from treating every engagement as a shared experience, where both sides learn from each other.

Whether you're early in your IT career or a seasoned admin, this episode is a reminder that growth starts with a question.

Topics covered:

- Why the all-knowing IT pro doesn't exist
- How curiosity drives career growth in IT
- What an Automox environment review looks like
- Tailoring patching best practices to different industries
- Finding room for improvement even when things work

NIST is falling behind on vulnerability scoring — and the gap is growing. In this episode, Peter and Steph break down what that means for IT and security teams relying on CVE data to prioritize patching, and how Automox is solving it.
We cover:
Why NIST's National Vulnerability Database has a growing backlog and what's causing it
How incomplete vulnerability data creates blind spots in your patch management program
Automox's new partnership with VulnCheck to deliver real-time vulnerability intelligence
What KEV (Known Exploitable Vulnerabilities) data is and why your leadership team cares about it
Expanding from fewer than 10 third-party apps to 70% coverage across 500+ supported applications
The rollout plan from third-party apps to macOS, Windows, and Linux
Whether you're running a mature vulnerability management program or just getting started, this episode lays out how the vulnerability data landscape is shifting and what you can do to stay ahead of real-world threats.