Safe Computing

Vulnerability in Google Chrome and Microsoft Edge, update advised

Posted in Security Advisories by on March 27th, 2022

As per the recent posts on the Google blog, dated March 25, 2022, and the Microsoft Security Response Center, dated March 26, 2022, both Google and Microsoft has released a new update for their browsers that includes 1 very serious patch. The update includes a fix for an as of yet undisclosed critical vulnerabilities.

We advise you update Chrome and Edge on all computers and devices, at home and at work, (campus and personal) before you use them to access webpages. Additionally we recommend you not use the web browser while logged in as a user with administrator privileges on your computer.

For information on how to update Chrome, see the Google Chrome Help page, Update Google Chrome.

For information on how to update Edge, see the Microsoft Support page, Microsoft Edge update settings.

Fraudulent IT Support Calls Against Campus Community Members, Caution Advised

Posted in Security Advisories by on March 24th, 2022

S&T IT has been made aware of a developing cybersecurity threat to the campus community. It is important that you know, malicious actors are calling members members of the campus community on their members of the campus community on their personal cell phones and identifying themselves as IT support staff. The malicious actors are asking for access to computers, and falsely diagnosing the computer as being hacked. Members of the campus community are then informed they will need to pay to fix the issue. These calls are a scam and offer fraudulent services under the guise of providing subscription-based IT support.

The S&T IT Division and staff want you to know and understand the following:
• We will NEVER call a personal cell phone unexpectedly or in an unsolicited fashion
• We will NEVER request payment from you over the phone
• We will NEVER offer a subscription for the services we provide

If you receive such a call or experience other questionable interactions regarding support for your computer, please notify security@mst.edu immediately.

To briefly explain the behavior you should expect from S&T IT in this capacity, we will only call your personal cell phone IF that is the phone number you provide in a self-initiated help request to . Also, we do not charge a person directly for any service provided. Services will be charged to a MoCode that is provided by your department, or invoiced accordingly.

Vulnerability impacting large numbers of Linux Distributions, Updates Advised

Posted in Security Advisories by on January 26th, 2022

As per the recent post on the Qualys security blog post, there is a vulnerability impacting a large number of Linux distributions that allows local privilege escalations. This vulnerability is in the pkexec program, which will be installed by default on many Linux distributions.

We advise you update Linux on all computer and devices, at home and at work, (campus and personal) that connect to a network as soon as possible.

For information on how to update your Linux distribution, see your vendor’s website.

Multiple vulnerabilities in Google Chrome, updates advised

Posted in Security Advisories by on January 5th, 2022

As per the recent post on the Google blog, dated January 4, 2022, Google has released a new update for Chrome that includes 37 new security fixes. The updates includes a fix for an as of yet undisclosed critical vulnerabilities.

We advise you update Chrome on all computer and devices, at home and at work, (campus and personal) before you use them to access webpages. Additionally we recommend you not use the web browser while logged in as a user with administrator privileges on your computer.

For information on how to update Chrome, see the Google Chrome Help page, Update Google Chrome.

Multiple vulnerabilities in macOS, updates advised

Posted in Security Advisories by on October 28th, 2021


As per the recent posts on Apple Support page, dated October 25, 2021, Apple has released a new update for macOS Monterey and macOS Big Sur that includes important new security fixes. The new update includes security patches that correct issues which allow malicious actors to execute unauthorized code on your computer, or malicious applications and websites to get private information from your computer.

We advise you update your macOS computer at home and at work, (campus and personal) before you use them.

For information on how to update macOS on your Mac see the Apple Support page, Update macOS on your Mac.

Multiple Vulnerabilities in iPhone and iPad, update advised

Posted in Security Advisories by on October 28th, 2021

As per the recent post on Apple Support, dated October 25, 2021, Apple has released a new update for iOS and iPadOS that includes important new security fixes. The new update includes security patches that correct issues which allow malicious actors to execute unauthorized code on your device, or malicious websites to get private information from your device.

We advise you update your iOS and iPadOS devices at home and at work, (campus and personal) before you use them.

For information on how to update your iOS or iPadOS devices see the Apple Support page, Update your iPhone, iPad, or iPod touch.

I think my machine is compromised! What should I do?

Posted in Protect Your Campus, Protect Yourself by on October 27th, 2021

Imagine waking up in the morning to find an intruder living in your house, wearing your pajamas, eating out of your refrigerator, using your bank account, and answering the phone pretending to be you every time it rings. Maybe your initial reaction is to keep the situation to yourself because you don’t want to have to explain to anybody where the intruder got the panda onesie from, but you can’t ignore the fact that an intruder is living in your house. You would probably lock yourself in a room and call for help.

This scenario may seem a little extreme but it is identical to the situation you might find yourself in when your computer gets compromised. However, the longer you wait to fix the issue, the more the compromise may spread beyond your computer and your accounts.

What should you do?

The problem won’t go away until you report and clean up the compromise.

Personal Computer

If this happens on your personal computer:

  • Shut down your computer.
  • Contact a local computer support professional.
  • From another computer or device, change your passwords on all the accounts you’ve logged into from that computer. If you have used campus resources on that computer, you will need to change your campus password and report the incident to S&T IT Security.

Campus Computer

If your campus computer is compromised, follow the steps below:

It is essential that all university faculty, staff, and students should immediately report a security incident to improve the overall security environment.

See UM’s Information Security Mandatory Reporting Requirement Policy>>

Multiple vulnerabilities in Firefox, updates advised

Posted in Security Advisories by on October 11th, 2021

As per the recent post on the Mozilla Foundation Security Advisories page, dated October 5, 2021, Mozilla has released a new update for Firefox and Thunderbird that includes important new security fixes. The updated include fixes for vulnerabilities that could allow a malicious actor to install programs on your computer, or access and modify your account data.

We advise you update Firefox on all computer and devices, at home and at work, (campus and personal) before you use them to access webpages. Additionally we recommend you not use a web browser while logged in as a user with administrator privileges on your computer.

For information on how to update Firefox see the Mozilla Firefox page, Update Firefox to the latest release.

Multiple vulnerabilities in Google Chrome, updates advised

Posted in Security Advisories by on October 8th, 2021

As per the recent post on the Google blog, dated October 7, 2021, Google has released a new update for Chrome that includes 4 new security fixes. The updates includes fixes for vulnerabilities know to allow malicious actors to execute programs from your browser.  

We advise you update Chrome on all computer and devices, at home and at work, (campus and personal) before you use them to access webpages. Additionally we recommend you not use the web browser while logged in as a user with administrator privileges on your computer.

For information on how to update Chrome, see the Google Chrome Help page, Update Google Chrome.

Multiple vulnerabilities in Google Chrome, updates advised

Posted in Security Advisories by on September 14th, 2021

As per the recent post on the Google blog, dated September 13, 2021, Google has released a new update for Chrome that includes 11 new security fixes. The updates includes fixes for vulnerabilities know to allow malicious web content to execute unauthorized code on your computer.   We advise you update Chrome on all computer and devices, at home and at work, (campus and personal) before you use them to access webpages.

For information on how to update Chrome, see the Google Chrome Help page, Update Google Chrome.