|Title||Start Date & Time||End Date & Time|
|Service Maintenance Scheduled: VPN - Cisco AnyConnect||Tuesday, July 25, 2017 - 7:00am||Tuesday, July 25, 2017 - 7:30am|
|Service Maintenance Scheduled: MSSC & Transportation Network||Thursday, July 27, 2017 - 6:00am||Thursday, July 27, 2017 - 7:30am|
|Service Maintenance Scheduled: Web Express||Saturday, July 29, 2017 - 8:00am||Saturday, July 29, 2017 - 10:00am|
|Service Maintenance Scheduled: Campus Solutions & Portals||Saturday, July 29, 2017 - 6:00pm||Sunday, July 30, 2017 - 6:00pm|
|Service Maintenance Scheduled: Human Capital Management (HCM)||Thursday, August 3, 2017 - 6:00pm||Thursday, August 3, 2017 - 11:59pm|
Oracle has released an update addressing Oracle Security Alert for CVE-2013-0422 for Java (the same vulnerability notification that was released by the IT Security Office on Friday, January 11, 2013). These vulnerabilities may be remotely exploitable without authentication (i.e., they may be exploited over a network without the need for a username and password). To be successfully exploited, an unsuspecting user running an affected release in a browser will need to visit a malicious web page that leverages these vulnerabilities.
**The update changes the way that Java is used by providing the user with a prompt requesting permission to allow Java to run before any unsigned Java applet or Java Web Start application is run.**
The IT Security Office advises applying the update as soon as possible. Be aware that updating Java has the ability to affect access to legitimate applications.
Oracle Java JDK and JRE 7 Update 10 and earlier
Security bulletin names:
Oracle Security Alert for CVE-2013-0422
Released: January 13, 2013
If you have any questions, please contact the IT Service Center at 303-735-4357 (or 5-HELP from an on-campus phone) email@example.com. Email and phone help is available Mondays through Thursdays, 7:00 a.m. to 10:00 p.m.; Fridays 7:00 a.m. to 7:00 p.m.; and Saturdays and Sundays, noon to 6:00 p.m.
OIT has defined the following categories to describe the severity of security risks:
URGENT severity represents a broad threat to the entire campus community.
SEVERE severity included remote exploits and worms.
IMPORTANT severity includes virus and local exploits for commonly used services.