91ŃÇÉ«

Skip to main content Skip to local navigation
UIT
Home » Category: 'News'

News

Oracle PeopleSoft Remote Code Execution Vulnerability (CVE-2026-35273)

Posted on June 12, 2026

    Information Security Advisory A recently disclosed vulnerability (CVE‑2026‑35273) affects Oracle PeopleSoft Enterprise PeopleTools and may allow a remote, unauthenticated attacker to execute arbitrary code and take full control of affected systems. Severity level: CVSS Score: 9.8/Critical. Description: CVE‑2026‑35273 is a critical vulnerability in the Updates Environment Management component of PeopleSoft Enterprise PeopleTools. The […]

Service Advisory - Central WSUS - Wednesday June 17, 2026 10:00 a.m. - 5:00 p.m.

Posted on June 10, 2026

    Service Advisory Please share the following with your teams. Service Maintenance: Central WSUS Scheduled Maintenance Window: Start: Wednesday June 17, 2026 10:00 a.m. End: Wednesday June 17, 2026 5:00 p.m. Impact/Details: UIT teams will complete necessary server OS and database upgrades. Central WSUS will not be available to provide security updates during the maintenance window. We […]

Protecting University-Owned Devices

Posted on June 8, 2026

Dear colleagues, As cyber threats targeting higher education continue to increase, 91ŃÇÉ« is taking steps to strengthen the security standards applied to all University-owned computers. Effective June 22, 2026, all University-owned computers must meet a defined Security Baseline that specifies the minimum set of protections to safeguard University systems, research, and data. This baseline […]

Windows Netlogon RCE Vulnerability (CVE-2026-41089)

Posted on June 3, 2026

    Information Security Advisory A recently discovered critical vulnerability (CVE‑2026‑41089) affects Microsoft Windows Server and may allow a remote, unauthenticated attacker to execute arbitrary code on affected systems by targeting the Netlogon service. Severity level: CVSS Score: 9.8/Critical. Description: CVE‑2026‑41089 is a stack‑based buffer overflow vulnerability in the Windows Netlogon service. The flaw occurs […]

7-Zip Heap Buffer Overflow (CVE-2026-48095)

Posted on May 27, 2026

    Information Security Advisory A recently disclosed vulnerability (CVE‑2026‑48095) affects 7-Zip and may allow a remote attacker to execute arbitrary code on vulnerable systems by tricking the users into opening a specially crafted archive file. Severity level: CVSS Score: 8.8/High. Description: CVE‑2026‑48095 is a heap buffer overflow in 7‑Zip’s NTFS handler caused by improper […]

Service Advisory - MyApps - Friday May 29, 2026 11:00 a.m. - 11:59 a.m.

Posted on May 25, 2026

    Service Advisory Please share the following with your teams. Service Maintenance: MyApps Scheduled Maintenance Window: Start: Friday May 29, 2026 11:00 a.m. End: Friday May 29, 2026 11:59 a.m. Impact/Details: UIT teams will complete standard maintenance to improve service reliability. We do not expect any service impact to the community. We thank you for your time and continued understanding. Contact […]

Service Advisory - eReports outage scheduled for Wednesday June 3, 2026 from 6:30 p.m. - 8:00 p.m.

Posted on May 22, 2026

    Service Advisory Please share the following with your teams. Service Maintenance: eReports Operational Reporting System UIT will be performing scheduled maintenance on the application server to apply security patches. Maintenance window: Start: Wednesday June 3, 2026 – 6:30 p.m. End:   Wednesday June 3, 2026 – 8:00 p.m. Impact/Details: eReports will not be available for use […]

Linux Kernel Local root Privilege Escalation (CVE-2026-46333)

Posted on May 22, 2026

    Information Security Advisory   A recently discovered vulnerability (CVE‑2026‑46333) affects the Linux kernel and may allow a local, unprivileged attacker to access sensitive files and escalate privileges to root, potentially leading to full system compromise. Severity level: CVSS Score: 7.1/High. Description: CVE‑2026‑46333 is a race condition vulnerability in the Linux kernel’s _ptrace_may_access() function […]

Apache HTTP Server Vulnerability (CVE-2026-23918)

Posted on May 8, 2026

    Information Security Advisory   Apache has released a security update to address a vulnerability (CVE‑2026‑23918) in Apache HTTP Server that may result in denial‑of‑service and potential remote code execution under specific configurations. Severity level: CVSS Score: 8.8/High. Description: CVE‑2026‑23918 is a double‑free vulnerability in the mod_http2 module of Apache HTTP Server that occurs […]

Linux Kernel Local Privilege Escalation (CVE-2026-31431)

Posted on May 8, 2026

    Information Security Advisory   A recently disclosed vulnerability (CVE‑2026‑31431), commonly referred to as “Copy Fail”, affects the Linux kernel and may allow a local, unprivileged attacker to escalate privileges and gain full root access on affected systems. Severity level: CVSS Score: 7.8/High. Description: CVE‑2026‑31431 is a local privilege escalation vulnerability caused by a […]