You are here:

CHPC Reboot of Windows Servers (Beehive and Narwhal) to deploy critical security patch at 9 pm on January 16th

Date Posted: January 16th, 2020

CHPC will be rebooting the windows servers Beehive and Narwhal at 9 pm, January 16th to deploy the patch for the below vulnerability. Please make sure to save your work prior to this reboot.


From: University IT <uit@utah.edu>
Sent: Thursday, January 16, 2020 2:31 PM
To: University Information Technology
Subject: Security flaw in Windows CryptoAPI (CVE-2020-0601)

Summary
Microsoft recently issued an advisory about a spoofing vulnerability in the way Windows CryptoAPI validates elliptic-curve cryptography (ECC) certificates. If exploited, it could allow criminals to conduct man-in-the-middle attacks and decrypt confidential information on user connections to Windows 10 software.

Impact
The University of Utah’s Information Security Office is aware of the issue and is closely monitoring developments. Microsoft has released security updates, as well as information about other ways to mitigate the risk.

Recommendations
Users should ensure their devices are up to date with currently-available patches.

More information
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601
If you have questions, your local IT support staff may be able to assist, or you may contact your respective central help desk: UIT Help Desk (801-581-4000, option 1) or the ITS Service Desk (801-587-6000). 

Corey Roach
Chief Information Security Officer
University of Utah

Last Updated: 1/16/20