Microsoft Corporation has announced security updates for January that affect the following software:
- Microsoft Windows
- Internet Explorer
- Microsoft Office and Microsoft Office Services and Web Apps
- ASP.NET Core
- .NET Core
- .NET Framework
- OneDrive for Android
- Microsoft Dynamics
Among the vulnerabilities patched is a critical weakness in Windows CryptoAPI. If an attacker were to successfully exploit this vulnerability, they could decrypt, modify, or inject data on user connections. Microsoft recommends users prioritize applying this update.
Pitt Information Technology recommends that users immediately identify and install the security updates necessary to remediate these vulnerabilities by using Microsoft's Windows Update feature on their computers as soon as possible. Additional information about the updates is available on Microsoft’s Security TechCenter.
In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus (Symantec Endpoint) and Anti-Malware (Malwarebytes) Protection. Both are available at no cost through the Software Download Service. Departments can submit a help request to obtain Malwarebytes for multiple machines.
Please contact the 24/7 IT Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.