CHPC will be rebooting the windows servers Beehive and Narwhal at 9 pm, January 16th to deploy the patch for the below vulnerability. Please make sure to save your work prior to this reboot.
From: University IT <firstname.lastname@example.org>
Sent: Thursday, January 16, 2020 2:31 PM
To: University Information Technology
Subject: Security flaw in Windows CryptoAPI (CVE-2020-0601)
Microsoft recently issued an advisory about a spoofing vulnerability in the way Windows CryptoAPI validates elliptic-curve cryptography (ECC) certificates. If exploited, it could allow criminals to conduct man-in-the-middle attacks and decrypt confidential information on user connections to Windows 10 software.
The University of Utah’s Information Security Office is aware of the issue and is closely monitoring developments. Microsoft has released security updates, as well as information about other ways to mitigate the risk.
Users should ensure their devices are up to date with currently-available patches.
If you have questions, your local IT support staff may be able to assist, or you may contact your respective central help desk: UIT Help Desk (801-581-4000, option 1) or the ITS Service Desk (801-587-6000).
Chief Information Security Officer
University of Utah