News

Dark blue background with a white computer icon. On its screen is an exclamation mark.

ADVISORY: Prepare to patch high-severity vulnerability in curl and libcurl

10/10/2023

See the update to this advisory. This message is intended for U-M IT staff who are responsible for any systems that utilize curl and libcurl.

illustration of a hand holding a phone with a red warning icon jumping out of it.

NOTICE: Update Android Devices ASAP

10/06/2023

Google has released an important update for Android to remediate a zero-day vulnerability (CVE-2023-4863 and CVE-2023-4211) that is being actively exploited in the wild. We expect additional software vendors will also be releasing updates to fix other applications affected by this vulnerability.

Update Android devices as soon as possible.

laptop screen with someone pointing at the exclamation mark icons on the screen

ALERT: Vulnerability in GNU C Library on many Linux Distributions

10/06/2023

A vulnerability (CVE-2023-4911) in the GNU C Library (i.e., glibc) on many popular Linux distributions has been discovered. Successful exploit of this vulnerability can give a malicious actor full root privileges. Proof of concept (POC) exploit code is publicly available. Linux systems should be patched as soon as possible.

ALERT: Apply Urgent Update to Google Chrome and Mozilla Firefox Browsers, and other software (CVE-2023-5217)

10/02/2023

NOTE: EDEM is in the process of getting the updated version packaged and will be deploying it to all CoreImage devices in the coming days - there is no action CoreImage users need to take. Note that EDEM does not manage Firefox, so if users have it installed they should follow ITS instructions and update manually.

Major Incident impacting Level-2 authentication services is resolved.

09/19/2023

A major incident impacting Level 2 authentication services has been resolved. 

ALERT: Apply Urgent Update to Firefox and Thunderbird

09/14/2023

This message is intended for U-M IT staff who are responsible for university devices running the Mozilla Firefox web browser or Thunderbird email client. It will also be of interest to individuals who have these programs installed on their own devices.

 

 

NOTICE: Robocall phishing scam referring to mandated U-M password change

09/14/2023

Be aware of this and share/advise those in your community that this calling activity is a scam.

Laptop with a red background indicating a warning

ALERT: Apply Urgent Update to Google Chrome Browser

09/14/2023

Google has released an important update to the Google Chrome web browser for a zero-day vulnerability that is being actively exploited in the wild. Update Chrome as soon as possible.

 

 

Get ready for Performance Management in Cornerstone

09/07/2023

This week, the organization will officially retire its annual Valuation form.

Services & Support
Dark blue background with a white circle with a blue lock icon. The words promote One Password.

Change Your UMICH (Level-1) Password

09/06/2023

The University of Michigan is requiring all community members to change their UMICH (Level-1) password by the end of the day on Tuesday, September 12. NOTE: Michigan Medicine (Level-2) passwords do not need to be changed.

Security
person kneeling by a dog with a colorful pink sky in the background

HITS Senior Technical Business Systems Analyst, Ray Khamo, is featured in Michigan IT Newsletter

09/01/2023

Ray Khamo talks Microsoft, his team's impact on the university, golf, and his family's journey.

Help Me Now and UH South Paging Office will be closed over the Labor Day holiday

08/30/2023
Help Me Now and UH South Paging Office will be closed over the Labor Day holiday.

NOTICE: Beware of Job Scam Emails Targeting U-M Students

08/02/2023

Help spread awareness of scam emails that target students

 

Wolverine Access has a fresh look; now easier to use and customize

07/17/2023

Wolverine Access got a fresh look look and enhanced usability on July 15.

Clinical, Education, Research, Security, Services & Support

MiChart Platform Upgrade: Sunday, July 9

07/06/2023

The upgrade to the new MiChart software platform will take place Sunday, July 9, starting at 1 a.m.  

 

 

Clinical, Education, Research, Security, Services & Support

Workstation Information application has been retired

06/27/2023

Workstation Information was a HITS-developed and maintained tool installed across the Classic-CoreImage fleet.  It was removed recently due to lack of compatibility with other HITS systems.

Security, Services & Support

Help Me Now and UH South Paging Services Offices closed on Fourth of July

06/26/2023

HITS walk-up support will be closed on Tuesday, July 4. 

ITS IA Advisory: Update for Shibboleth Service Providers

06/15/2023

This message is intended for Shibboleth Service Providers (SPs)

The XMLTooling library in OpenSAML and Shibboleth Service Provider software contains a server-side request forgery (SSRF) vulnerability. Update to version 3.2.4 or later of the XMLTooling library to fix the vulnerability.

ALERT: Apply Emergency Update to Chrome

06/07/2023

A vulnerability has been discovered in Google Chrome which could allow for arbitrary code execution. Patches to Google Chrome should be applied immediately after appropriate testing.

Help Me Now and UH South Paging Services Offices closed on Memorial Day

05/17/2023

HITS walk-up support will be closed on Monday, May 29.

NOTICE: Beware of Phishing Emails Targeting Students

05/02/2023

Highly customized email scams continue to target students at U-M with offers of jobs, internships, accommodations, and more. 

ITS IA Alert: Apply emergency update to Google Chrome browser–No manual steps needed for CoreImage users

04/26/2023

A zero-day vulnerability has been discovered in the Google Chrome browser that could allow for remote code execution. There are no manual steps any CoreImage user should take for this.

Working offsite? Connect your CoreImage device to VPN by May 15 to maintain network access.

04/26/2023

Flexible work is a great Michigan Medicine perk. But if you're not coming onsite regularly, you may not be getting all of the software and security updates your CoreImage PC needs.

Security, Services & Support

Customers may have issues viewing or accessing M365 web applications (at office.com)

04/20/2023

NOTE: This issue has been resolved. If you experience any problems using M365 tools or services, please submit a ticket via the Help Center.

ITS Information Assurance alert: Update WordPress Elementor Pro plug-in for vulnerability

04/04/2023

A vulnerability in Elementor Pro, a widely used WordPress plugin, is actively being exploited by threat actors. Apply the latest updates to Elementor Pro immediately after appropriate testing.

Pages