|Title||Start Date & Time||End Date & Time|
|Service Issue Updated: Campus Wireless||Monday, February 12, 2018 - 10:05am|
|Service Issue Reported: Microsoft Store and Store Apps - General Access Issue Reported||Thursday, February 22, 2018 - 3:44pm|
|Service Maintenance Scheduled: Campus Solutions & Portals||Sunday, March 18, 2018 - 6:00am||Sunday, March 18, 2018 - 6:00pm|
|Service Maintenance Scheduled: Lynda.com||Thursday, March 22, 2018 - 10:00pm||Friday, March 23, 2018 - 1:00am|
Zimperium zLabs has disclosed a zero-day flaw in the Stagefright media playback engine that affects roughly 95% of Android devices. The flaw allows malware to be sent via the MMS application, and it requires no user interaction. This vulnerability may allow remote code execution and/or denial of service.
Android versions 2.2 to 5.1
Until a vendor provided patch is issued from Google, disabling auto retrieve of SMS/MMS may partially mitigate this vulnerability, see link below . According to Zimperium, Android devices older than 18 months are unlikely to receive an update at all.
Zimperium - Experts Found a Unicorn in the Heart of Android
Twilio Blog - How to Protect Your Android Phone From the Stagefright Bug
VB - Researchers find vulnerability that affects 95% of Android devices
Threat Post - Android Stagefright Flaw put 950 million devices at risk
Additional information about this vulnerability can be viewed at:
If you have any questions, please contact the IT Service Center at 303-735-4357 (or 5-HELP from an on-campus phone) or firstname.lastname@example.org.
OIT has defined the following categories to describe the severity of security risks:
URGENT severity represents a broad threat to the entire campus community.
SEVERE severity included remote exploits and worms.
IMPORTANT severity includes virus and local exploits for commonly used services.