News | UIT /uit Fri, 12 Jun 2026 16:05:00 +0000 en-CA hourly 1 https://wordpress.org/?v=6.9.4 Oracle PeopleSoft Remote Code Execution Vulnerability (CVE-2026-35273) /uit/2026/06/oracle-peoplesoft-remote-code-execution-vulnerability-cve-2026-35273/ Fri, 12 Jun 2026 15:55:12 +0000 /uit/?p=40210

 


Information Security Advisory


A recently disclosed vulnerability (CVE‑2026‑35273) affects Oracle PeopleSoft Enterprise PeopleTools and may allow a remote, unauthenticated attacker to execute arbitrary code and take full control of affected systems.

Severity level:
CVSS Score: 9.8/Critical.

Description:

CVE‑2026‑35273 is a critical vulnerability in the Updates Environment Management component of PeopleSoft Enterprise PeopleTools. Because of missing or improper access controls, an unauthenticated attacker with HTTP network access can send specially crafted requests to the vulnerable component and execute arbitrary code, potentially leading to full application takeover without credentials or user interaction.

Affected Versions:
Oracle PeopleSoft Enterprise PeopleTools
Version 8.61
Version 8.62

Impact:

Successful exploitation may allow attackers to gain complete control of the PeopleSoft application.

Resolution:
Install the latest available Oracle PeopleTools patches.

Reference:

 

UIT Information Security

Contact

IT Client Services at askIT@yorku.ca or 416 736 5800

 

PRIVACY POLICY | VISIT WWW.YORKU.CA
This email was sent by: York University, 4700 Keele Street, Toronto, Ontario M3J 1P3

This email is viewed best in Microsoft Outlook for web 

 

 

 

Service Advisory - Central WSUS - Wednesday June 17, 2026 10:00 a.m. - 5:00 p.m. /uit/2026/06/service-advisory-central-wsus-wednesday-june-17-2026-1000-a-m-500-p-m/ Wed, 10 Jun 2026 20:01:31 +0000 /uit/?p=40208

 

Service Advisory


Please share the following with your teams.

Service Maintenance:
Central WSUS

Scheduled Maintenance Window:
Start: Wednesday June 17, 2026 10:00 a.m.
End: Wednesday June 17, 2026 5:00 p.m.

Impact/Details:

  • UIT teams will complete necessary server OS and database upgrades.
  • Central WSUS will not be available to provide security updates during the maintenance window.
  • We do not expect any service impact, as it is good practice to patch systems outside standard business hours.

We thank you for your time and continued understanding.

Contact

IT Client Services at askIT@yorku.ca or 416 736 5800

 

Protecting University-Owned Devices /uit/2026/06/protecting-university-owned-devices/ Mon, 08 Jun 2026 16:02:00 +0000 /uit/?p=40199

Dear colleagues,

As cyber threats targeting higher education continue to increase, York University is taking steps to strengthen the security standards applied to all University-owned computers. Effective June 22, 2026, all University-owned computers must meet a defined Security Baseline that specifies the minimum set of protections to safeguard University systems, research, and data.

This baseline includes:

  1. Up-to-date operating system patches
  2. Malware protection
  3. Identity and access protection
  4. Secure configuration validation (verifying that device settings remain consistent with security standards)

More detailed information can be found in the Procedure on Use and Security of University-Owned Computing Devices.

Many University-issued computers are already enrolled in approved management platforms (e.g. SCCM for Windows) and will receive these protections automatically. For the majority of users, there will be little to no visible change. The section below outlines what to expect and what action, if any, may be required.

What this means for you

  • The University will begin to enroll all University-owned administrative staff computers on June 22, 2026. Enrollment of all faculty member computers is planned to begin in late fall. In the case of existing computers, users will be contacted ahead of enrollment.
  • University-owned computers must remain enrolled in approved management systems to maintain access to University servers.
  • To maintain security protections, management platform controls must remain active and may not be disabled or removed.
  • Computers that fall out of compliance may have access to certain University services temporarily restricted until restored. UIT will work with affected users to restore compliance as quickly as possible.
  • Personal computers are not subject to these controls; however, high-risk or restricted University activities (such as handling sensitive research data or confidential records) must be conducted on University-owned or approved devices that meet the security baseline.

Protecting privacy and academic freedom

Although these tools protect computers, they do not provide access to personal files, research materials, emails, or browsing history. They do not monitor user activity. In addition, remote support occurs only with your explicit consent. York University remains committed to protecting academic freedom and the privacy of our community while strengthening institutional cybersecurity. For more information, please visit the University-owned device FAQ.

Questions or support

If you have questions or require assistance:

Contact askit@yorku.ca or reach out to your Faculty IT unit for research-specific concerns. Additional information, including a full FAQ, is available here.

Thank you for your attention to this important initiative. We are committed to making this transition as straightforward as possible and are here to support you along the way.

Sincerely,

University Information Technology

Windows Netlogon RCE Vulnerability (CVE-2026-41089) /uit/2026/06/windows-netlogon-rce-vulnerability-cve-2026-41089/ Wed, 03 Jun 2026 19:19:46 +0000 /uit/?p=40191

 


Information Security Advisory


A recently discovered critical vulnerability (CVE‑2026‑41089) affects Microsoft Windows Server and may allow a remote, unauthenticated attacker to execute arbitrary code on affected systems by targeting the Netlogon service.

Severity level:
CVSS Score: 9.8/Critical.

Description:

CVE‑2026‑41089 is a stack‑based buffer overflow vulnerability in the Windows Netlogon service. The flaw occurs due to improper handling of specially crafted network requests in the Netlogon RPC interface.

An attacker can exploit this vulnerability by sending a malicious request to a vulnerable domain controller, causing the service to overwrite memory on the stack. This can result in remote code execution with SYSTEM‑level privileges, without requiring authentication or user interaction.

Affected Versions:
Microsoft Windows Server 2012 / 2012 R2.
Microsoft Windows Server 2016.
Microsoft Windows Server 2019.
Microsoft Windows Server 2022 / 2022 23H2.
Microsoft Windows Server 2025.

Impact:

Successful exploitation may allow attackers to execute arbitrary code with system privileges.

Resolution:
Install Microsoft’s May 2026 updates immediately.
Prioritize domain controllers and identity infrastructure systems.

Reference:

 

UIT Information Security

Contact

IT Client Services at askIT@yorku.ca or 416 736 5800

 

7-Zip Heap Buffer Overflow (CVE-2026-48095) /uit/2026/05/7-zip-heap-buffer-overflow-cve-2026-48095/ Wed, 27 May 2026 19:43:15 +0000 /uit/?p=40181

 

Information Security Advisory


A recently disclosed vulnerability (CVE‑2026‑48095) affects 7-Zip and may allow a remote attacker to execute arbitrary code on vulnerable systems by tricking a user into opening a specially crafted archive file.

Severity level:
CVSS Score: 8.8/High.

Description:

CVE‑2026‑48095 is a heap buffer overflow in 7‑Zip’s NTFS handler caused by improper memory allocation when processing crafted archive data. Opening a malicious file can trigger memory corruption, potentially leading to remote code execution.

Affected Versions:
All versions up to and including 26.00.

Impact:
Successful exploitation may allow attackers to execute arbitrary code on the system.

Resolution:
Upgrade to fixed 7-Zip version 26.01 or later.

Reference:

 

UIT Information Security

Contact

IT Client Services at askIT@yorku.ca or 416 736 5800

 

Service Advisory - MyApps - Friday May 29, 2026 11:00 a.m. - 11:59 a.m. /uit/2026/05/service-advisory-myapps-friday-may-29-2026-1100-a-m-1159-a-m/ Mon, 25 May 2026 17:11:13 +0000 /uit/?p=40135

 

Service Advisory


Please share the following with your teams.

Service Maintenance:
MyApps

Scheduled Maintenance Window:
Start: Friday May 29, 2026 11:00 a.m.
End: Friday May 29, 2026 11:59 a.m.

Impact/Details:

  • UIT teams will complete standard maintenance to improve service reliability.
  • We do not expect any service impact to the community.

We thank you for your time and continued understanding.

Contact

IT Client Services at askIT@yorku.ca or 416 736 5800

 

Service Advisory - eReports outage scheduled for Wednesday June 3, 2026 from 6:30 p.m. - 8:00 p.m. /uit/2026/05/service-advisory-ereports-outage-scheduled-for-wednesday-june-3-2026-from-630-p-m-800-p-m/ Fri, 22 May 2026 19:00:58 +0000 /uit/?p=40125

 

Service Advisory

Please share the following with your teams.

Service Maintenance:
eReports Operational Reporting System

UIT will be performing scheduled maintenance on the application server to apply security patches.

Maintenance window:
Start: Wednesday June 3, 2026 – 6:30 p.m.
End: Wednesday June 3, 2026 – 8:00 p.m.

Impact/Details:
eReports will not be available for use during the maintenance window.


We thank you for your time and continued understanding.

Contact

IT Client Services at askIT@yorku.ca or 416 736 5800

 

 

Linux Kernel Local root Privilege Escalation (CVE-2026-46333) /uit/2026/05/linux-kernel-local-root-privilege-escalation-cve-2026-46333/ Fri, 22 May 2026 18:18:02 +0000 /uit/?p=40123

 

Information Security Advisory

 

A recently discovered vulnerability (CVE‑2026‑46333) affects the Linux kernel and may allow a local, unprivileged attacker to access sensitive files and escalate privileges to root, potentially leading to full system compromise.

Severity level:
CVSS Score: 7.1/High.

Description:
CVE‑2026‑46333 is a race condition vulnerability in the Linux kernel’s __ptrace_may_access() function caused by improper handling of process state during termination. When a privileged process exits, there is a brief window where its memory context is cleared but its file descriptors remain open. An unprivileged local user can exploit this timing window using system calls such as pidfd_getfd() to access open file descriptors belonging to privileged processes, bypassing security checks and gaining access to restricted resources. Exploitation can result in the disclosure of sensitive files such as /etc/shadow and SSH private keys.

Affected Versions:
Linux Kernel:
All kernel versions from November 2016 up to the release of vendor patches are affected.

 

Impacted Linux Distributions:
Ubuntu
Debian
Red Hat Enterprise Linux (RHEL)
SUSE Linux Enterprise
Fedora, Arch Linux and other mainstream distributions.

Impact:

Successful exploitation may allow attackers to read sensitive files and escalate privileges to root.

Resolution:
Please update the Linux kernel to the fixed version released by the distribution vendor.

Mitigations:
Where immediate patching is not possible:
Disable or restrict untrusted local user access.
Restrict ptrace access.

Reference:

 

Information Security 

Contact
IT Client Services at askIT@yorku.ca or 416 736 5800

 

 

Apache HTTP Server Vulnerability (CVE-2026-23918) /uit/2026/05/apache-http-server-vulnerability-cve-2026-23918/ Fri, 08 May 2026 20:30:24 +0000 /uit/?p=39988

 

Information Security Advisory

 

Apache has released a security update to address a vulnerability (CVE‑2026‑23918) in Apache HTTP Server that may result in denial‑of‑service and potential remote code execution under specific configurations.

Severity level:
CVSS Score: 8.8/High.

Description:
CVE‑2026‑23918 is a double‑free vulnerability in the mod_http2 module of Apache HTTP Server that occurs during HTTP/2 stream handling. A specially crafted sequence of HTTP/2 frames can cause improper memory deallocation, leading to worker process crashes. In certain deployments—particularly those using Apache Portable Runtime (APR) with the mmap allocator—this flaw may be leveraged to achieve remote code execution in addition to denial‑of‑service.

Affected Versions:
Apache HTTP Server version 2.4.66 with mod_http2 enabled.

Impact:

Successful exploitation may allow attackers to execute arbitrary code remotely on vulnerable systems.

Resolution:
Please upgrade to Apache HTTP Server 2.4.67 or later.

Reference:

 



Information Security 

Contact
IT Client Services at askIT@yorku.ca or 416 736 5800

 

 

Linux Kernel Local Privilege Escalation (CVE-2026-31431) /uit/2026/05/linux-kernel-local-privilege-escalation-cve-2026-31431/ Fri, 08 May 2026 15:45:07 +0000 /uit/?p=39979

 

Information Security Advisory

 

A recently disclosed vulnerability (CVE‑2026‑31431), commonly referred to as “Copy Fail”, affects the Linux kernel and may allow a local, unprivileged attacker to escalate privileges and gain full root access on affected systems.

Severity level:
CVSS Score: 7.8/High.

Description:
CVE‑2026‑31431 is a local privilege escalation vulnerability caused by a logic flaw in the Linux kernel’s cryptographic subsystem, specifically the algif_aead module within the AF_ALG interface. Due to improper handling of in‑place cryptographic operations, an unprivileged local user can perform a controlled write to the kernel’s page cache of readable files. The attack vector is local (AV:L) and requires low privileges with no user interaction.

Affected Versions:
Linux Kernel: All kernel versions released from August 2017 up to the availability of vendor patches.

Impacted Linux Distributions:
Ubuntu (all supported releases prior to patched kernels)
Debian
Red Hat Enterprise Linux (RHEL)
Amazon Linux
SUSE Linux Enterprise
Fedora, Arch Linux, AlmaLinux, Rocky Linux, Oracle Linux

Impact:
Successful exploitation may allow attackers to escalate from an unprivileged local user to full root access.

Resolution:
Please update the Linux kernel to the fixed version released by the distribution vendor.

Mitigations:
Where immediate patching is not possible:
Disable or restrict access to the AF_ALG interface.
Prevent loading of the vulnerable algif_aead module where supported.
Limit local shell access and enforce least‑privilege controls.

Reference:

 

Information Security 

Contact
IT Client Services at askIT@yorku.ca or 416 736 5800

 

 
