As per the recent posts on the Google blog, dated March 25, 2022, and the Microsoft Security Response Center, dated March 26, 2022, both Google and Microsoft has released a new update for their browsers that includes 1 very serious patch. The update includes a fix for an as of yet undisclosed critical vulnerabilities.
We advise you update Chrome and Edge on all computers and devices, at home and at work, (campus and personal) before you use them to access webpages. Additionally we recommend you not use the web browser while logged in as a user with administrator privileges on your computer.
For information on how to update Chrome, see the Google Chrome Help page, Update Google Chrome.
For information on how to update Edge, see the Microsoft Support page, Microsoft Edge update settings.
S&T IT has been made aware of a developing cybersecurity threat to the campus community. It is important that you know, malicious actors are calling members members of the campus community on their members of the campus community on their personal cell phones and identifying themselves as IT support staff. The malicious actors are asking for access to computers, and falsely diagnosing the computer as being hacked. Members of the campus community are then informed they will need to pay to fix the issue. These calls are a scam and offer fraudulent services under the guise of providing subscription-based IT support.
The S&T IT Division and staff want you to know and understand the following:
• We will NEVER call a personal cell phone unexpectedly or in an unsolicited fashion
• We will NEVER request payment from you over the phone
• We will NEVER offer a subscription for the services we provide
If you receive such a call or experience other questionable interactions regarding support for your computer, please notify security@mst.edu immediately.
To briefly explain the behavior you should expect from S&T IT in this capacity, we will only call your personal cell phone IF that is the phone number you provide in a self-initiated help request to . Also, we do not charge a person directly for any service provided. Services will be charged to a MoCode that is provided by your department, or invoiced accordingly.
As per the recent post on the Qualys security blog post, there is a vulnerability impacting a large number of Linux distributions that allows local privilege escalations. This vulnerability is in the pkexec program, which will be installed by default on many Linux distributions.
We advise you update Linux on all computer and devices, at home and at work, (campus and personal) that connect to a network as soon as possible.
For information on how to update your Linux distribution, see your vendor’s website.
As per the recent post on the Google blog, dated January 4, 2022, Google has released a new update for Chrome that includes 37 new security fixes. The updates includes a fix for an as of yet undisclosed critical vulnerabilities.
We advise you update Chrome on all computer and devices, at home and at work, (campus and personal) before you use them to access webpages. Additionally we recommend you not use the web browser while logged in as a user with administrator privileges on your computer.
For information on how to update Chrome, see the Google Chrome Help page, Update Google Chrome.
As per the recent posts on Apple Support page, dated October 25, 2021, Apple has released a new update for macOS Monterey and macOS Big Sur that includes important new security fixes. The new update includes security patches that correct issues which allow malicious actors to execute unauthorized code on your computer, or malicious applications and websites to get private information from your computer.
We advise you update your macOS computer at home and at work, (campus and personal) before you use them.
For information on how to update macOS on your Mac see the Apple Support page, Update macOS on your Mac.
As per the recent post on Apple Support, dated October 25, 2021, Apple has released a new update for iOS and iPadOS that includes important new security fixes. The new update includes security patches that correct issues which allow malicious actors to execute unauthorized code on your device, or malicious websites to get private information from your device.
We advise you update your iOS and iPadOS devices at home and at work, (campus and personal) before you use them.
For information on how to update your iOS or iPadOS devices see the Apple Support page, Update your iPhone, iPad, or iPod touch.
As per the recent post on the Mozilla Foundation Security Advisories page, dated October 5, 2021, Mozilla has released a new update for Firefox and Thunderbird that includes important new security fixes. The updated include fixes for vulnerabilities that could allow a malicious actor to install programs on your computer, or access and modify your account data.
We advise you update Firefox on all computer and devices, at home and at work, (campus and personal) before you use them to access webpages. Additionally we recommend you not use a web browser while logged in as a user with administrator privileges on your computer.
For information on how to update Firefox see the Mozilla Firefox page, Update Firefox to the latest release.
As per the recent post on the Google blog, dated October 7, 2021, Google has released a new update for Chrome that includes 4 new security fixes. The updates includes fixes for vulnerabilities know to allow malicious actors to execute programs from your browser.
We advise you update Chrome on all computer and devices, at home and at work, (campus and personal) before you use them to access webpages. Additionally we recommend you not use the web browser while logged in as a user with administrator privileges on your computer.
For information on how to update Chrome, see the Google Chrome Help page, Update Google Chrome.
As per the recent post on the Google blog, dated September 13, 2021, Google has released a new update for Chrome that includes 11 new security fixes. The updates includes fixes for vulnerabilities know to allow malicious web content to execute unauthorized code on your computer. We advise you update Chrome on all computer and devices, at home and at work, (campus and personal) before you use them to access webpages.
For information on how to update Chrome, see the Google Chrome Help page, Update Google Chrome.
As per the recent post on the Apple Support, dated September 13, 2021, Apple has released a new update for the Safari web browser that includes important new security fixes. Safari is built using Apple WebKit, which has a vulnerability know to allow malicious web content to execute unauthorized code on your computer.
We advise you update Safari on all computer and devices, at home and at work, (campus and personal) before you use them to access webpages.
For information on how to update Safari on an Mac, see the Apple Support page page, Update or reinstall Safari for your computer. If you are using Safari on Windows, please discontinue use and uninstall Safari. Apple Safari for Windows is on longer supported by Apple. Access webpages only from web browsers that are supported and receive security updates.