NOTICE: Robocall phishing scam referring to mandated U-M password change


Be aware of this and share/advise those in your community that this calling activity is a scam.

Laptop with a red background indicating a warning

ALERT: Apply Urgent Update to Google Chrome Browser


Google has released an important update to the Google Chrome web browser for a zero-day vulnerability that is being actively exploited in the wild. Update Chrome as soon as possible.



Get ready for Performance Management in Cornerstone


This week, the organization will officially retire its annual Valuation form.

Services & Support
Dark blue background with a white circle with a blue lock icon. The words promote One Password.

Change Your UMICH (Level-1) Password


The University of Michigan is requiring all community members to change their UMICH (Level-1) password by the end of the day on Tuesday, September 12. NOTE: Michigan Medicine (Level-2) passwords do not need to be changed.

person kneeling by a dog with a colorful pink sky in the background

HITS Senior Technical Business Systems Analyst, Ray Khamo, is featured in Michigan IT Newsletter


Ray Khamo talks Microsoft, his team's impact on the university, golf, and his family's journey.

Help Me Now and UH South Paging Office will be closed over the Labor Day holiday

Help Me Now and UH South Paging Office will be closed over the Labor Day holiday.

NOTICE: Beware of Job Scam Emails Targeting U-M Students


Help spread awareness of scam emails that target students


Wolverine Access has a fresh look; now easier to use and customize


Wolverine Access got a fresh look look and enhanced usability on July 15.

Clinical, Education, Research, Security, Services & Support

MiChart Platform Upgrade: Sunday, July 9


The upgrade to the new MiChart software platform will take place Sunday, July 9, starting at 1 a.m.  



Clinical, Education, Research, Security, Services & Support

Workstation Information application has been retired


Workstation Information was a HITS-developed and maintained tool installed across the Classic-CoreImage fleet.  It was removed recently due to lack of compatibility with other HITS systems.

Security, Services & Support

Help Me Now and UH South Paging Services Offices closed on Fourth of July


HITS walk-up support will be closed on Tuesday, July 4. 

ITS IA Advisory: Update for Shibboleth Service Providers


This message is intended for Shibboleth Service Providers (SPs)

The XMLTooling library in OpenSAML and Shibboleth Service Provider software contains a server-side request forgery (SSRF) vulnerability. Update to version 3.2.4 or later of the XMLTooling library to fix the vulnerability.

ALERT: Apply Emergency Update to Chrome


A vulnerability has been discovered in Google Chrome which could allow for arbitrary code execution. Patches to Google Chrome should be applied immediately after appropriate testing.

Help Me Now and UH South Paging Services Offices closed on Memorial Day


HITS walk-up support will be closed on Monday, May 29.

NOTICE: Beware of Phishing Emails Targeting Students


Highly customized email scams continue to target students at U-M with offers of jobs, internships, accommodations, and more. 

ITS IA Alert: Apply emergency update to Google Chrome browser–No manual steps needed for CoreImage users


A zero-day vulnerability has been discovered in the Google Chrome browser that could allow for remote code execution. There are no manual steps any CoreImage user should take for this.

Working offsite? Connect your CoreImage device to VPN by May 15 to maintain network access.


Flexible work is a great Michigan Medicine perk. But if you're not coming onsite regularly, you may not be getting all of the software and security updates your CoreImage PC needs.

Security, Services & Support

Customers may have issues viewing or accessing M365 web applications (at


NOTE: This issue has been resolved. If you experience any problems using M365 tools or services, please submit a ticket via the Help Center.

ITS Information Assurance alert: Update WordPress Elementor Pro plug-in for vulnerability


A vulnerability in Elementor Pro, a widely used WordPress plugin, is actively being exploited by threat actors. Apply the latest updates to Elementor Pro immediately after appropriate testing.

ALERT: Update Progress Telerik against active exploit


This message was sent to U-M IT groups on Tuesday, 3/21/23. It is intended for U-M IT staff who are responsible for university web servers that use the Progress Telerik User Interface for the .NET framework that runs on Windows.

New! Find IT and data info on the Research Project Process Map


The ‘IT and Data’ brown line guides researchers through IT security processes via the Research Project Route Map. 

Education, Research, Security

Doublecheck your data: is it safely stored?



As HITS prepares for a CoreImage system update, we remind users to save all data to the cloud or other secure storage.

Clinical, Education, Research, Security, Services & Support

Trouble in two-factor paradise: Hackers double down on Duo scams


Duo, U-M’s two-factor authentication service, has become the latest technology targeted by hackers. Earlier this month, leaders in Michigan Medicine’s Information Assurance (MM:IA) team rang the alarm bell.

Daylight Saving Time Begins - Effect on MiChart: Sunday, March 12, 2 a.m.


Sunday, March 12 marks the beginning of Eastern Daylight-Saving Time (DST) which will result in skipping the hour from 2 a.m. to 3 a.m. Once the time change occurs, this means the MiChart downtime for the upgrade will begin at 3 a.m. 


For details on the impacts to MiChart, review the Spring 2023 - Daylight Saving Time (DST) document.

Clinical, Education, Research, Security, Services & Support

New monthly Cornerstone Learning report will enable Michigan Medicine leaders to track their teams' training completions


Starting March 1, a new Cornerstone Learning report (“Manager Digest”) will be emailed to all Michigan Medicine leaders automatically each month – whenever any of their direct reports has assigned training modules that are overdue.