Alerts | Page 11 | Information Technology | University of Pittsburgh
!

Search form

You are here

Home

Alerts

MyPitt Changes to PeopleSoft Tasks Effective March 1

Wednesday, February 9, 2022 - 16:42

 

Starting on March 1, 2022, the number of myPitt (my.pitt.edu) tasks for students, faculty, and advisors to access PeopleSoft resources will be consolidated to PeopleSoft Student Information System, PeopleSoft/HighPoint CX, and View Faculty Center. This reflects a joint decision by the Registrar, Student Information Services, and Pitt Information Technology to simplify search options for myPitt.

Certain tasks will no longer be available as favorites or searches in myPitt. Please note the following changes:

  • Student Center – Use PeopleSoft/HighPoint CX
  • Access the Student Information System – Use PeopleSoft Student Information System
  • PeopleSoft Mobile – Use PeopleSoft/HighPoint CX
  • View My Class Roster – Use PeopleSoft/HighPoint CX

To minimize search issues caused by task removal, Pitt IT recommends that you add PeopleSoft Student Information System and PeopleSoft/HighPoint CX as your favorites. The option to add a favorite for View Faculty Center is only displayed in filter view when Faculty is selected in myPitt. Keywords will also be added to PeopleSoft resources that remain available in myPitt.

Visit the technology site for more information about features and differences of PeopleSoft Mobile and HighPoint Campus Experience (CX) and PeopleSoft Student Information System and HighPoint Campus Experience (CX).

Visit the Registrar’s website for how-to instructions and training resources.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

February Microsoft Security Update

Tuesday, February 8, 2022 - 15:24

 

Microsoft Corporation has announced security updates for February that affect the following software: 

  • Azure Data Explorer
  • Kestrel Web Server
  • Microsoft Dynamics
  • Microsoft Dynamics GP
  • Microsoft Edge (Chromium-based)
  • Microsoft Office
  • Microsoft Office Excel
  • Microsoft Office Outlook
  • Microsoft Office SharePoint
  • Microsoft Office Visio
  • Microsoft OneDrive
  • Microsoft Teams
  • Microsoft Windows Codecs Library
  • Power BI
  • Roaming Security Rights Management Services
  • Role: DNS Server
  • Role: Windows Hyper-V
  • SQL Server
  • Visual Studio Code
  • Windows Common Log File System Driver
  • Windows DWM Core Library
  • Windows Kernel
  • Windows Kernel-Mode Drivers
  • Windows Named Pipe File System
  • Windows Print Spooler Components
  • Windows Remote Access Connection Manager
  • Windows Remote Procedure Call Runtime
  • Windows User Account Profile
  • Windows Win32K

Pitt Information Technology recommends that users immediately identify and install the security updates necessary to remediate these vulnerabilities by using Microsoft's Windows Update feature on their computers as soon as possible. Additional information about the updates is available on Microsoft’s Security TechCenter.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

Pitt and UPMC Enable Sharing of Outlook Free/Busy Time

Tuesday, February 8, 2022 - 11:48

 

The University of Pittsburgh and UPMC have implemented changes to their Microsoft Outlook calendars that enable free/busy time to be visible between the two organizations. This enhancement simplifies the scheduling of meetings between individuals from both Pitt and UPMC.  

Scheduling Meetings

When scheduling meetings between organizations, you must provide the preferred email address ending with @pitt.edu or @upmc.edu in order to view participants’ free/busy time in Outlook. Please note that email aliases that end in domains other than upmc.edu or pitt.edu will not display free/busy time. Free/busy time will also not display if a meeting participant has chosen to keep it private.  

Staff with Pitt and UPMC Email Addresses

When scheduling meetings with staff who have both Pitt and UPMC email addresses, ask which address they prefer or add both email addresses to the meeting invitation.

Please contact the Technology Help Desk at 412-624-HELP (4357) or the UPMC Help Desk at 412-647-HELP (4357) if you have any questions regarding this announcement.

Critical Security Vulnerability Affects Most Linux Operating Systems

Wednesday, January 26, 2022 - 15:42

 

A critical security vulnerability has been discovered in a very common Linux component called Polkit (formerly known as PolicyKit). The vulnerability is present in the default configuration of all major Linux distributions, as well as other distributions. If successfully exploited, the vulnerability could allow an actor to gain full root privileges on the system. Although Pitt Information Technology is not aware of attempts to exploit this vulnerability at the University, it is being actively exploited elsewhere.

Pitt IT recommends administrators prioritize applying the patches to all Linux systems. If a patch is not yet available for your Linux distribution, please evaluate the temporary mitigations referenced in the news articles below.

Additional details about the vulnerability are available from the following news articles:

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

Phishing Alert: Fake Help Desk Email Scam Mimics Pitt Passport Login Page

Tuesday, January 25, 2022 - 15:00

Pitt Information Technology has identified a new email phishing scam targeting University students, faculty, and staff. The scam typically includes the subject line “You Have A New Message Unread From University of Pittsburgh” and appears to originate from the Technology Help Desk’s email address (e.g., helpdesk@pitt.edu). The message contains a link that directs readers to a webpage that mimics the Pitt Passport login page, which attempts to collect their Pitt username and password.

The following is a sample of the recent scam. Note that this scam message may appear in your junk email or quarantined email folder. Always use caution in responding to messages in these folders. If you receive this message (or any message similar to it), please report it as a phishing scam by forwarding the email message as an attachment to phish@pitt.edu. Detailed instructions on reporting scams are available at https://www.technology.pitt.edu/security/phishing-scams.

******************************************************************************

From: IT Services - University of Pittsburgh helpdesk@pitt.edu

To: Undisclosed recipients:

Subject: You Have A New Message Unread From University of Pittsburgh,

You Have A New Message Unread From University of Pittsburgh,

Click Here To View Message [link removed]

Thanks,

IT Services - University of Pittsburgh,

******************************************************************************

Clicking the link displays a webpage that mimics the Pitt Passport login page:

Pitt IT strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. If you were not expecting to receive such an email, confirm with the sender prior to interacting with the message. If you must interact with the message, avoid clicking on links contained in such emails. These may lead to sites that contain malicious software, or sites that attempt to steal your credentials. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

Phishing Alert: Outstanding Account Balance Scam Includes Harmful Attachment

Thursday, January 20, 2022 - 16:16

 

Pitt Information Technology has identified an email phishing scam targeting students, faculty, and staff. The scam implies that a payment is in progress from the recipient’s bank account. It includes a link to a harmful attachment named “remittance,” “account payable,” or something similar. If opened, the attachment attempts to install malware or otherwise compromise the recipient’s device. The scam originates from an external email address (that is, an address other than an @pitt.edu address) and is often routed to a recipient’s quarantine or junk folder.

The following is a sample of a recent fraudulent email. If you receive this message (or any message similar to it), please report it as a phishing scam by forwarding the email message as an attachment to phish@pitt.edu. Detailed instructions on reporting scams are available at http://technology.pitt.edu/security/phishing-scams.

******************************************************************************

From: <External email address>

Subject: Purchase Ledger Remittance: SUP26498

Attachments: SUP26498 Remittance.html

Your payment has now been made, and attached is the payment details with a full payment summary.

Please allow 3 working days from the payment date stated on the remittance advice for the funds to clear your account.  If you have any questions regarding your payment, please direct all enquiries to your local payments team whose contact details are stated on the attached payment advice.

Thank you, your business is important to us!

******************************************************************************

Pitt IT strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. If you were not expecting to receive such an email, confirm with the sender prior to interacting with the message. If you must interact with the message, avoid clicking on links contained in such emails. These may lead to sites that contain malicious software, or sites that attempt to steal your credentials. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

January Microsoft Security Update

Tuesday, January 11, 2022 - 17:15

 

Microsoft Corporation has announced security updates for January that affect the following software: 

  • .NET Framework
  • Microsoft Dynamics
  • Microsoft Edge (Chromium-based)
  • Microsoft Exchange Server
  • Microsoft Graphics Component
  • Microsoft Office
  • Microsoft Office Excel
  • Microsoft Office SharePoint
  • Microsoft Office Word
  • Microsoft Teams
  • Microsoft Windows Codecs Library
  • Open Source Software
  • Role: Windows Hyper-V
  • Tablet Windows User Interface
  • Windows Account Control
  • Windows Active Directory
  • Windows AppContracts API Server
  • Windows Application Model
  • Windows BackupKey Remote Protocol
  • Windows Bind Filter Driver
  • Windows Certificates
  • Windows Cleanup Manager
  • Windows Clipboard User Service
  • Windows Cluster Port Driver
  • Windows Common Log File System Driver
  • Windows Connected Devices Platform Service
  • Windows Cryptographic Services
  • Windows Defender
  • Windows Devices Human Interface
  • Windows Diagnostic Hub
  • Windows DirectX
  • Windows DWM Core Library
  • Windows Event Tracing
  • Windows Geolocation Service
  • Windows HTTP Protocol Stack
  • Windows IKE Extension
  • Windows Installer
  • Windows Kerberos
  • Windows Kernel
  • Windows Libarchive
  • Windows Local Security Authority
  • Windows Local Security Authority Subsystem Service
  • Windows Modern Execution Server
  • Windows Push Notifications
  • Windows RDP
  • Windows Remote Access Connection Manager
  • Windows Remote Desktop
  • Windows Remote Procedure Call Runtime
  • Windows Resilient File System (ReFS)
  • Windows Secure Boot
  • Windows Security Center
  • Windows StateRepository API
  • Windows Storage
  • Windows Storage Spaces Controller
  • Windows System Launcher
  • Windows Task Flow Data Engine
  • Windows Tile Data Repository
  • Windows UEFI
  • Windows UI Immersive Server
  • Windows User Profile Service
  • Windows User-mode Driver Framework
  • Windows Virtual Machine IDE Drive
  • Windows Win32K
  • Windows Workstation Service Remote Protocol

Pitt Information Technology recommends that users immediately identify and install the security updates necessary to remediate these vulnerabilities by using Microsoft's Windows Update feature on their computers as soon as possible. Additional information about the updates is available on Microsoft’s Security TechCenter.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

Some LastPass Users May Receive Blocked Login Alerts

Tuesday, December 28, 2021 - 17:47

 

Pitt Information Technology is aware of media reports that bad actors are attempting to access users’ LastPass accounts using credentials and passwords obtained from unaffiliated third-party data breaches. This malicious activity targets LastPass users across the country, not just at the University of Pittsburgh.

It is important to note that LastPass itself has not suffered a data breach. LastPass has published a blog article that explains the attempted attacks and provides guidance on how to ensure your master password remains secure.

In short, whenever information from data leaks becomes available on the Internet, attackers attempt to those username and password combinations to log in to other websites, such as LastPass. Individuals who re-use the same passwords across multiple websites are at greater risk from this type of attack, which is known as “credential stuffing.”   

Pitt IT advises that LastPass users take the following steps to ensure their LastPass master password is secure:

  • Make sure your LastPass master password is strong, unique, and sufficiently random.
    Learn how to create strong passwords …
  • If you have a personal LastPass account, enable multifactor authentication (MFA) protection. MFA will protect your LastPass account in the event the password becomes compromised. If you have a LastPass Business (formerly LastPass Enterprise) account, it is already protected by the University’s Multifactor Authentication Service (Duo).
    Learn how to enable MFA in LastPass …  
  • If you receive a notification from LastPass about a blocked login attempt, reset your LastPass password

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

December Microsoft Security Update

Thursday, December 16, 2021 - 17:12

 

Microsoft Corporation has announced security updates for December that affect the following software: 

  • Windows Media
  • Microsoft Windows Codecs Library
  • Microsoft Defender for IoT
  • Internet Storage Name Service
  • Microsoft Local Security Authority Server (lsasrv)
  • Windows Encrypting File System (EFS)
  • Windows DirectX
  • Microsoft Message Queuing
  • Windows Remote Access Connection Manager
  • Windows Common Log File System Driver
  • Azure Bot Framework SDK
  • Windows Storage Spaces Controller
  • Windows SymCrypt
  • Windows NTFS
  • Windows Event Tracing
  • Remote Desktop Client
  • Role: Windows Fax Service
  • Windows Storage
  • Windows Update Stack
  • Windows Kernel
  • Windows Digital TV Tuner
  • Role: Windows Hyper-V
  • Windows TCP/IP
  • Office Developer Platform
  • Microsoft Office
  • ASP.NET Core & Visual Studio
  • Visual Studio Code
  • Microsoft Devices
  • Windows Print Spooler Components
  • Windows Mobile Device Management
  • Windows Installer
  • Microsoft PowerShell

Pitt Information Technology recommends that users immediately identify and install the security updates necessary to remediate these vulnerabilities by using Microsoft's Windows Update feature on their computers as soon as possible. Additional information about the updates is available on Microsoft’s Security TechCenter.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

Google Chrome Users: Check and Update Your Browser

Tuesday, December 14, 2021 - 17:04

 

Pitt Information Technology is aware of a security vulnerability targeting Google Chrome users that is being actively exploited by hackers.

Pitt IT urges all students, faculty, and staff using Google Chrome update their desktop browser to version 96.0.4664.110 as soon as possible. To check your browser version:

  • Click the three vertical dots at the top right-hand corner of the browser
  • Select Help > About Chrome
    Note: If an update is required, Chrome will download the updated version, then you will see a message saying that Chrome is up-to-date
  • Restart your browser for to complete the update process

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.