Service Advisory - Central Endpoint Protection service scheduled maintenance - Thursday, September 23, 2021 8:00 p.m. to 10:00 p.m.

    Service Advisory   Please share the following information with your teams.   Scheduled maintenance will take place on the Central Endpoint Protection service with Trend Micro on Thursday, September 23, from 8:00 p.m. to 10:00 p.m.  The service maintenance is necessary to install a critical patch from the vendor.   University computer assets […]

Service Advisory - VMware Security Advisory (VMSA-2021-0020)

    Service Advisory   Please share the following information with your teams.   VMware published a new critical security advisory (VMSA-2021-0020) to address multiple vulnerabilities in vCenter Server (versions 6.5, 6.7 and 7) and Cloud Foundation (versions 3.x and 4.x). Exploitation of some of these vulnerabilities could lead to privilege escalation, remote code execution, […]

Service Bulletin - Microsoft Windows 11

    Service Bulletin   Please share the following information with your teams.   Microsoft has announced Windows 11 will be available as a free upgrade for eligible Windows 10 PCs, on October 5, 2021.   York University owned PCs are typically managed by an IT support team and have the automatic OS upgrade disabled. […]

Service Advisory - eClass Outage Sunday September 19, 2021 5:00 a.m. to 7:00 a.m.

    Service Advisory   Please share the following information with your teams.   eClass will be completely offline on Sunday, September 19, 2021 between the hours of 5:00 a.m. to 7:00 a.m. EST for infrastructure upgrades.     During this time, eClass will NOT be accessible.   We do apologize for any inconvenience that […]

Service Advisory - eClass Outage Sunday September 19, 2021 5:00 a.m. to 7:00 a.m.

    Service Advisory   Please share the following information with your teams.   eClass will be completely offline on Sunday, September 19, 2021 between the hours of 5:00 a.m. to 7:00 a.m. EST for infrastructure upgrades.     During this time, eClass will NOT be accessible.   We do apologize for any inconvenience that […]

Service Advisory - CVE-2021-30860 (FORCEDENTRY)

    Service Advisory   Please share the following information with your teams.   Information Security has noticed a zero-day vulnerability (CVE-2021-30806) for Apple iPhones, iPad, Apple watch and Mac OS exploited in the wild. The vulnerability allows a remote attacker to execute arbitrary code on the target system.   Severity level  CVSS Score: (High) 8.4 […]

Service Advisory - Finance Systems scheduled maintenance and outage, Saturday, September 18th 8:00 a.m. to Sunday, September 19th 8:00 p.m.

    Service Advisory   Please share the following information with your teams.   Scheduled database maintenance is taking place on the PeopleSoft Finance systems starting on Saturday, September 18th at 8:00 a.m. and ending on Sunday, September 19th at 8:00 p.m.  Access to the PeopleSoft Finance system as well as the ability to upload […]

Service Bulletin - Central AD and EOL Windows OS

    Service Bulletin   Please share the following information with your teams.   We are not in a position to offer Active Directory support for Server OS and Windows OS systems that are end of life. EOL systems are at risk, Microsoft no longer provides security updates or fixes.   For more information on […]

Service Advisory - Microsoft MSHTML Remote Code Execution Vulnerability (CVE-2021-40444)

    Service Advisory   Please share the following information with your teams.   Information Security has notified a zero-day Microsoft vulnerability (CVE-2021-40444). Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.   Severity level  CVSS Score: (High) 8.8    Description  MSHTML is a browser rendering engine that is […]

Service Advisory - CVE-2021-26084 - Confluence Server Webwork OGNL injection

    Service Advisory   Please share the following information with your teams.   Information Security has noticed a recent critical vulnerability (CVE-2021-26084) for confluence servers and Data center exploited in the wild. An unauthenticated, remote attacker could exploit this flaw by sending a specially crafted request to vulnerable endpoints on the Confluence Server or […]