2023: News Archive

Dark blue background with a white computer icon. On its screen is an exclamation mark.

ALERT: Update Google Chrome ASAP for Zero-Day Vulnerability (no action needed for CoreImage machines)

12/21/2023

This message is intended for U-M IT staff who are responsible for university devices running the Google Chrome web browser. No further action is needed for CoreImage users. It will also be of interest to individuals who have Chrome installed on their own devices.

 

HITS Expands AV Support for Events with Preferred Partner

12/13/2023

City Events Group will join HITS in supporting events across the hospital and medical school.

house icon with a lock in front of it

Help Me Now (HMN) and Paging offices will be closed Monday, December 25 and Monday, January 1

12/13/2023

The in-person services will be closed for the holiday.

 

Dark blue background with a white computer icon. On its screen is an exclamation mark.

ALERT: Apply Urgent Update to Google Chrome

11/30/2023

NOTE: EDEM is in the process of getting the updated version packaged and will be deploying it to all CoreImage devices in the coming days - there is no action CoreImage users need to take. However, it will be of interest to individuals who have Chrome installed on their own devices.

Offboarding 101: don’t lose your team’s data when someone leaves Michigan Medicine

11/27/2023

Protect your team’s hard work. Incorporate these offboarding practices for a secure and seamless transition.

Closed sign with cool fast lights effect in background

Help Me Now and UH South Paging Services Offices closed from November 23–November 24

11/21/2023

The in-person services will be closed for the holidays.

calendar icon with availability

Outlook calendar update beginning Nov. 16

11/14/2023

On Thursday, November 16th at 6:00 a.m., HITS will implement the ability to view Outlook calendars across Michigan Medicine, Sparrow, and U Health-West. 

Dark blue background with a white computer icon. On its screen is an exclamation mark.

NOTICE: Increase in Phishing Scams Utilizing Legitimate Services

11/14/2023

There has been an increase in phishing scams that utilize or imitate legitimate U-M services, such as Duo and DocuSign.  Please be aware of these ongoing scams and share this information with faculty, staff and students in your unit.

trophy on dark blue background

Michigan Medicine named best hospital in Michigan by Newsweek

10/31/2023

Newsweek calculated scores for each hospital by weighing recommendations from peers, patient experience data, hospital quality metrics and patient-reported outcome measures implementation. 

Dark blue background with a white computer icon. On its screen is an exclamation mark.

ALERT: Update VMware vCenter Server for critical vulnerability

10/25/2023

VMware has released updates to address a critical vulnerability in VMware vCenter Server that could lead to possible remote code execution. Affected VMware servers and components should be updated as soon as possible after appropriate testing. Because of the severity of the vulnerability and the lack of workaround to mitigate it, VMware has released patches for some legacy versions of their products, as noted below.

 

Ready for fewer Duo prompts? ‘Remember Me’ now available for Michigan Medicine

10/25/2023

Duo Remember Me for seven days is now available across applications where you sign in with your Michigan Medicine (Level-2) credentials.

Dark blue background with a white computer icon. On its screen is an exclamation mark.

ITS IA Notice: Beware of student football ticket scams

10/23/2023

Help spread awareness of student ticket scams

ITS Information Assurance recently has seen an increase in the sophistication of student football ticket scams. Please be aware of these ongoing scams and share this information with your student population, student advisors, and faculty.

The scammers use GroupMe or other social media to offer U-M football tickets for sale. Then the scammers follow up by sending forged emails that appear to come from real students’ @umich.edu email addresses. The emails:

Claim to prove the legitimacy of the ticket sellers.
Ask the recipients to send payment through CashApp, Venmo, or other methods.
Promise to transfer the tickets once payment is made.

 

Students should be suspicious of offers for football tickets and should send a new, separate email to the seller’s @umich.edu email address to verify their identity. If they reply to a message they received, the reply-to address will most likely be another email address and they may not notice if they are not paying attention.

 

Refer to How to Spot a Spoof for tips on recognizing clues that indicate an email might be spoofed or forged.
Students who have fallen victim to one of these scams, which resulted in loss of money, should contact the University of Michigan Police Department at 734-763-1131.

Dark blue background with a white computer icon. On its screen is an exclamation mark.

ADVISORY: Apply patch in curl for high-severity vulnerability

10/11/2023

An update to address a high-severity vulnerability in curl and libcurl, a command line tool and library for transferring data, has been released with curl 8.4.0. Apply the patch as soon as possible after appropriate testing to affected systems, especially those using SOCKS5 proxies.

MiChart System Upgrade Downtime - October 22

10/10/2023

Sunday, October 22, 2 - 4:30 a.m., the Fall MiChart upgrade will occur. This will be the final planned upgrade for 2023. 

 

This will impact all MiChart users and users of applications that send data to or receive data from MiChart. 

Dark blue background with a white computer icon. On its screen is an exclamation mark.

ADVISORY: Prepare to patch high-severity vulnerability in curl and libcurl

10/10/2023

See the update to this advisory. This message is intended for U-M IT staff who are responsible for any systems that utilize curl and libcurl.

laptop screen with someone pointing at the exclamation mark icons on the screen

ALERT: Vulnerability in GNU C Library on many Linux Distributions

10/06/2023

A vulnerability (CVE-2023-4911) in the GNU C Library (i.e., glibc) on many popular Linux distributions has been discovered. Successful exploit of this vulnerability can give a malicious actor full root privileges. Proof of concept (POC) exploit code is publicly available. Linux systems should be patched as soon as possible.

illustration of a hand holding a phone with a red warning icon jumping out of it.

NOTICE: Update Android Devices ASAP

10/06/2023

Google has released an important update for Android to remediate a zero-day vulnerability (CVE-2023-4863 and CVE-2023-4211) that is being actively exploited in the wild. We expect additional software vendors will also be releasing updates to fix other applications affected by this vulnerability.

Update Android devices as soon as possible.

ALERT: Apply Urgent Update to Google Chrome and Mozilla Firefox Browsers, and other software (CVE-2023-5217)

10/02/2023

NOTE: EDEM is in the process of getting the updated version packaged and will be deploying it to all CoreImage devices in the coming days - there is no action CoreImage users need to take. Note that EDEM does not manage Firefox, so if users have it installed they should follow ITS instructions and update manually.

Major Incident impacting Level-2 authentication services is resolved.

09/19/2023

A major incident impacting Level 2 authentication services has been resolved. 

Laptop with a red background indicating a warning

ALERT: Apply Urgent Update to Google Chrome Browser

09/14/2023

Google has released an important update to the Google Chrome web browser for a zero-day vulnerability that is being actively exploited in the wild. Update Chrome as soon as possible.

 

 

NOTICE: Robocall phishing scam referring to mandated U-M password change

09/14/2023

Be aware of this and share/advise those in your community that this calling activity is a scam.

ALERT: Apply Urgent Update to Firefox and Thunderbird

09/14/2023

This message is intended for U-M IT staff who are responsible for university devices running the Mozilla Firefox web browser or Thunderbird email client. It will also be of interest to individuals who have these programs installed on their own devices.

 

 

Get ready for Performance Management in Cornerstone

09/07/2023

This week, the organization will officially retire its annual Valuation form.

Dark blue background with a white circle with a blue lock icon. The words promote One Password.

Change Your UMICH (Level-1) Password

09/06/2023

The University of Michigan is requiring all community members to change their UMICH (Level-1) password by the end of the day on Tuesday, September 12. NOTE: Michigan Medicine (Level-2) passwords do not need to be changed.

person kneeling by a dog with a colorful pink sky in the background

HITS Senior Technical Business Systems Analyst, Ray Khamo, is featured in Michigan IT Newsletter

09/01/2023

Ray Khamo talks Microsoft, his team's impact on the university, golf, and his family's journey.

Pages