Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
11 Results
High Vulnerability in Mozilla VPN
Mozilla has released a security update to address a High vulnerability in Mozilla VPN. An attacker could exploit this vulnerability to take control of an affected system. For a complete description of the vulnerabilities and effected systems, visit Mozilla Foundation Security Advisory 2022-08: Mozilla VPN local privilege escalation vis uncontrolled OpenSSL search path. IT Security
High security advisory to address a vulnerability in Cisco AnyConnect Secure Mobility Client
WHAT HAPPENED Cisco has released a High security advisory to address a vulnerability in Cisco AnyConnect Secure Mobility Client. Advanced Users: For a complete description of the vulnerabilities and effected systems, visit:
Standard
UCSF 650-16 Addendum G - Third-Party Remote Access Standards
Purpose To establish and set the requirements for a University of California San Francisco enterprise standard for third-party remote access to UCSF networks. Definitions See the University of California - Systemwide IT Policy Glossary for the most up-to-date definitions. Terms that are not in the Systemwide Glossary are defined below.
Microsoft Releases Out-of-band Update to Address Critical Issues
Microsoft releases Out-of-band update to address critical issues after installing the January Windows update. This update addresses issues related to VPN connectivity, Windows Server Domain Controllers restarting, Virtual Machines start failures, and ReFS-formatted removable media failing to mount. For a complete description of the vulnerabilities and effected systems, visit Windows message center.
Vulnerabilities in Cisco Small Business RV Series Routers will not be patched (End of Life)
Cisco has released a security advisory to announce that they will not patch vulnerabilities in older versions of their Cisco Small Business RV Series Routers. These vulnerabilities could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device.
Guideline
macOS Big Sur and Older Versions Discontinued
What is Happening?macOS Big Sur (11.x) and older versions are all discontinued and no longer supported by Apple, which also ended security updates and maintenance. This means these older macOS versions no longer meet UCSF's minimum security standards.It is a minimum security standard of UCSF that all computers used for UCSF business must run vendor-supported versions of operating systems to avoid security risks. Computers that no longer meet this security requirement will eventually be blocked from UCSF's network.
Impacted Services: IT Field Services (ITFS) Desktop Support , ITFS Supported Macs
Standard
UCSF 650-16 Addendum B - UCSF Minimum Security Standards for Electronic Information Resources
Effective Date: December 2007, Updated December 2021 Contents Purpose Overview and Scope Exception from Minimum Security Standards Exception Requests Covering Legacy Systems Compatibility Exemptions Enforcement Minimum Security Standards System Inventory and Protection Level Classification (PLC) Transmission of Restricted Information
Impacted Services: IT Security Outreach and Training
Guideline
IT Field Services - Service Level Agreement
Impacted Services: IT Field Services (ITFS) Desktop Support
Standard
UCSF Policy 650-16 Addendum F, UCSF Data Classification Standard
UCSF_Data_Classification_Standard_08-09-19 (PDF) Document Owner: Patrick PhelanDepartment Contact: UCSF IT SecurityIssue Date: 4/24/17Effective Date: 4/24/17Reviewed/Revised Date: 8/9/19
Impacted Services: IT Security Outreach and Training