March 15, 2023

Patch now! MS Outlook 0-Day vulnerability

Summary Recommendations for UW students, faculty, and staff Technical details Things UW-IT will do Recommendations for IT Staff Resources Summary On March 14th, Microsoft disclosed a critical security vulnerability (CVE-2023-23397) that affects all supported versions of Microsoft Outlook for Windows. The vulnerability can be exploited with an email message or a calendar invitation, and ultimately,…

July 9, 2021

PrintNightmare: What to do at home

printer on fire

Also see: Recommendations for UW students, faculty, and staff On July 7, Microsoft released an emergency patch for a vulnerability, dubbed “PrintNightmare,” in its Print Spooler service. It’s a serious vulnerability for several reasons, among them: It allows attackers to access your computer over the Internet (via remote code execution or RCE) to steal data…

July 2, 2021

Print Spooler vulnerability “PrintNightmare”


Also see: PrintNightmare: What to do at home Latest update August update Key points How do I know if I’m vulnerable? What can I do about it? Recommendations for UW students, faculty, and staff References This post pertains to CVE-2021-34527, Windows Print Spooler Remote Code Execution Vulnerability. The code that contains the vulnerability is present…

September 16, 2020

Windows Active Directory Vulnerability

Zerologon (CVE-2020-1472) Domain Controller Exploit in Windows AD (This alert is for IT staff in departments running their own AD domain. This is an issue at the Windows domain level, not at the individual Windows computer level.) tl;dr There are many exploits on github that could allow an adversary to run remote code that enables…

September 10, 2020

Microsoft WSUS vulnerable to attack

Secure your WSUS environment with HTTPS for future updates. This week Microsoft announced that the installation of this month’s (Sept 2020) security updates will stop future software updates from arriving if organizations using its Windows Server Update Services (WSUS) solution for patch management are connecting using the HTTP protocol rather than HTTPS. WSUS is configured…

September 9, 2020

Web Shells Risk Advisory

Web shells allow remote administration on web servers. They may be used for legitimate purposes, but they are often installed by cybercriminals and other adversaries to gain unauthorized access to systems and networks, including those at universities. Our new risk advisory has more information about this threat and tactics for mitigating it. Go to advisory…