Service Advisory A newly discovered Apache Tomcat vulnerability (CVE-2025-4577) is actively being exploited in the wild, enabling attackers to take over servers with a simple PUT request. Severity level CVSS Score: 8.6/High Description: Under certain conditions and configurations, this vulnerability could allow a malicious actor to view or inject arbitrary […]
Service Advisory A critical PHP vulnerability (CVE-2024-4577), discovered last year is currently being exploited in the wild. A successful exploitation of this vulnerability could allow an unauthenticated attacker to execute arbitrary code on the vulnerable PHP server, leading to complete system compromise and deliver malware including ransomware. Severity level: CVSS Score: 9.8/Critical […]
Service Advisory Please be aware of the below change. Announcement We are excited to announce updated menu options on York’s main phone number (416 736 2100), collaboratively developed by the Telecomm team, the University Services Centre, the Office of the University Registrar, and other community partners. When calling the main […]
Service Advisory Please share the following with your teams. Service Maintenance: CAS Upgrade UIT will be performing CAS Upgrade for PeopleSoft HR and PeopleSoft Finance Maintenance window: Start Date/Time: Friday March 7, 2025 - 5:30 p.m. EST End Date/Time: Friday March 7, 2025 - 6:30 p.m. EST Impact/Details: PeopleSoft HR, admin will […]
Service Advisory Broadcom has published a critical security advisory (VMSA-2025-0004) to address multiple vulnerabilities (CVE-2025-22224, CVE-2025-22225,CVE-2025-22226) identified in VMware ESXi, VMware Workstation and VMware Cloud Foundation Server. If exploited, these vulnerabilities could result in data breaches, system compromised and unauthorized access. There are reports of these vulnerabilities being exploited in the wild. […]
Service Disruption Please share the following with your teams. Services Impacted: Network Services – Intermittent access to websites Impact/Details: Please be advised that we are currently experiencing intermittent failures when connecting to external websites Our teams are currently investigating DNS resolution failures resolving hosts external to York We will send out more updates […]
Service Advisory Please share the following with your teams. Service Maintenance: Insight Maintenance window: Start Date/Time: Saturday February 22nd 2025, 9:00 a.m. End Date/Time: Saturday February 22nd 2025, 2:00 p.m. Impact/Details: Insight will not be available during the maintenance window. UIT will be performing scheduled server maintenance. This maintenance is required […]
Service Advisory Please share the following with your teams. Service Maintenance: Central Active Directory Scheduled Maintenance Window: Start: Thursday February 20, 2025 11:00 a.m. End: Thursday February 20, 2025 11:59 a.m. Impact/Details: We do not expect any impact to services relying on Central Active Directory. UIT teams will upgrade the forest functional level to allow […]
Service Advisory Please share the following with your teams. Service Maintenance: MyApps Scheduled Maintenance Window: Starting Thursday January 23, 2025 11:00 p.m. Ending Friday January 24, 2025 1:00 a.m. Impact/Details: MyApps service will be offline during the scheduled maintenance. The vendor has released a product update to correct a known issue where some users have […]
Service Advisory A Unauthenticated Remote code Execution (RCE) vulnerability (CVE-2024-6387) has been disclosed in OpenSSH’s servers which gives root privileges on glibc-based Linux system. CVSS Score: 8.1/High Description:- OpenSSH is a suite of networking utilities based on the Secure Shell (SSH) protocol. It is extensively used for secure remote login, remote server […]