Scheduled Change: Today, August 15th 5:00 PM
Services Impacted: All Windows desktops and laptops
Google Project Zero has disclosed a critical vulnerability in Microsoft’s Text Services Framework that allows an attacker to gain system level access to any computer. The patch for this vulnerability has been released to campus already, with the deadline for applying it set to next Thursday.
Since Google has now released a proof of concept attack based on this vulnerability it is highly likely that malicious versions will be created and deployed as malware in the next few days.
With this in mind, we have pushed up the deadline for applying this month’s security patches to today at 5pm. This means that the patches will begin applying after 5pm and computers will automatically reboot to apply the patches no later than 5pm tomorrow.
Please leave your computer on when you leave work today so the patches can be applied. If you turn your computer off for the weekend, the patches will apply first thing Monday morning and your computer will reboot once the patches are installed.
Campus technicians who have special exceptions to not have enforced updates should install these updates from software center manually as soon as possible. If you have a Windows computer at home, you should also be sure to check for and apply any updates from Microsoft.