Advisory Notice - Microsoft Office Remote Code Execution Vulnerability (CVE-2023-36884)

Microsoft recently disclosed a zero-day vulnerability (CVE-2023-36884) which is currently being exploited in the wild. Attackers are coercing users via social engineering phishing techniques into opening a specially-crafted Microsoft Office document that could result in remote code execution. Even though Microsoft Defender for O365 provides protection against attachments designed to exploit CVE-2023-36884, we ask the […]

Advisory Notice - OFAC sanctions and service restrictions

University Information Technology (UIT) is advising of current and upcoming changes to York-provided services Zoom and Duo (two-factor authentication) as a result of the situation in Ukraine. These services are now or will be unavailable to individuals attempting to authenticate from several countries and regions restricted by the Office of Foreign Assets Control (OFAC) — a financial intelligence […]

Cyber Security Advisory - Protecting against increased cyber threats

Russia’s invasion of Ukraine has resulted in an increase in global cyber threats. While there is no specific threat to York University, we would like to stress the importance of protecting your accounts, devices, and data. Protective steps include: Use multi-factor authentication with your accounts to help verify access. York’s Duo 2FA service is required […]