March 15, 2023

Patch now! MS Outlook 0-Day vulnerability

On March 14th, Microsoft disclosed a critical security vulnerability (CVE-2023-23397) that affects all supported versions of Microsoft Outlook for Windows. The vulnerability can be exploited with an email message or a calendar invitation, and ultimately,…


July 9, 2021

PrintNightmare: What to do at home

Also see: Recommendations for UW students, faculty, and staff

On July 7, Microsoft released an emergency patch for a vulnerability, dubbed “PrintNightmare,” in its Print Spooler service. It’s a serious vulnerability for several reasons, among them: It allows attackers to access your computer over the Internet (via remote code execution or RCE) to steal data…


July 2, 2021

Print Spooler vulnerability “PrintNightmare”

Also see: PrintNightmare: What to do at home

This post pertains to CVE-2021-34527, Windows Print Spooler Remote Code Execution Vulnerability. The code that contains the vulnerability is present…


September 16, 2020

Windows Active Directory Vulnerability

Zerologon (CVE-2020-1472) Domain Controller Exploit in Windows AD

(This alert is for IT staff in departments running their own AD domain. This is an issue at the Windows domain level, not at the individual Windows computer level.)

tl;dr: There are many exploits on GitHub that could allow an adversary to run remote code that enables…


September 10, 2020

Microsoft WSUS vulnerable to attack

Secure your WSUS environment with HTTPS for future updates. This week Microsoft announced that the installation of this month’s (Sept 2020) security updates will stop future software updates from arriving if organizations using its Windows Server Update Services (WSUS) solution for patch management are connecting using the HTTP protocol rather than HTTPS. WSUS is configured…


September 9, 2020

Web Shells Risk Advisory

Web shells allow remote administration on web servers. They may be used for legitimate purposes, but they are often installed by cybercriminals and other adversaries to gain unauthorized access to systems and networks, including those at universities. Our new risk advisory has more information about this threat and tactics for mitigating it. Go to advisory…