The Information Security Office (ISO) team is calling attention to two wormable vulnerabilities for certain Microsoft Windows operating systems. The vulnerabilities have been labeled as CVE-2019-1181 and 1182. They both allow for potential attacks and manipulation without any user intervention or action.
The affected Windows systems are:
- Windows 7 SP1
- Windows Server 2008 R2 SP1
- Windows Server 2012 and 2012 R2
- Windows 8.1
- All supported versions of Windows 10
Microsoft has released a patch for both vulnerabilities CVE-2019-1181 and CVE-2019-1182 in its August patch cycle. All users running the affected systems are requested to install the patches to help prevent these two vulnerabilities from causing critical issues at the university.
Faculty and staff using university-supplied computers under the managed environments of the following areas receive automatic patching, and therefore do not need to take any action:
- Jack, Joseph and Morton Mandel School of Applied Social Sciences
- School of Law
- UGEN and Executive IT Support
- Weatherhead School of Management
Questions can be directed to the ISO team at email@example.com. For assistance with any technology product or service at Case Western Reserve University, contact the University Technology Service Desk at firstname.lastname@example.org or 216.368.HELP (4357) or visit help.case.edu.