ITS Alerts

Overview:

In an effort to enhance our campus cybersecurity defenses, we are sharing situational awareness information and advisable actions, as well as applying temporary computer system updates to managed computers. The campus has received alerts of a zero-day vulnerability known as PrintNightmare that could possibly allow an attacker to gain remote control over an infected system by utilizing the print spooler function on Windows machines. As of now Microsoft has not released a viable patch to completely nullify the threat. This threat has broad impact with summary points listed below:

  • Standard domain user account and allows for remote code execution as SYSTEM (root)
  • Affects Windows OS (e.g., Win10, 2012R2, 2016, 2019)
  • Microsoft has NOT released a patch yet
  • Strong recommendation is to disable the Print Spooler service on critical Windows hosts, prioritizing Domain Controllers and other servers.

What can you expect:

To minimize risk to our campus, we are temporarily disabling the printing function on Windows centrally managed machines until Microsoft releases the next patch. This will affect printing to printers, as well as printing to PDF and the OnBase virtual print driver. Users on managed Windows computers who have the need to print can follow the steps below to temporarily enable printing:

  1. From the Windows menu in the lower left, open "Software Center"
  2. Locate the application "Enable Print Spooler"
  3. Select "Install" for “Enable Print Spooler”. This provides a 15-minute timeframe to print.
  4. Proceed to print as you normally would.
  5. To print again after 15 minutes, in “Software Center”, go to “Enable Print Spooler”, select uninstall and then install again.

Be vigilant and help protect yourself with the following actions:

  • To further exploit this vulnerability attackers may attempt phish you for your credentials.
  • Common scams may involve current trends in the media to grab your attention.
  • Be suspicious of anyone asking you for personal information through email.
  • If you can’t tell whether an email is legitimate or not, please use the Report Phishing Button in Outlook or forward the email to abuse@sfsu.edu for inspection.
  • Do not click on links or attachments from senders that you do not recognize. Be especially wary of .zip files or other compressed or executable file types.
  • More phishing resources can be found on the ITS website at https://its.sfsu.edu/guides/phishing.

 

Thank you for your patience and diligence in protecting SF State information/systems and your personal information. Reporting suspicious communications and issues improves security for everyone.

Support:

If you experience issues or need assistance, please contact the ITS Service Desk at service@sfsu.edu or 415-338-1420.



Overview:

A security encryption update will be applied on the PROD and OBPRD databases starting on Friday, July 16, 2021. The update will be to require encryption of AES256. This security enhancement is being applied to ensure our data remains protected. The maintenance will be on Friday, July 16, 2021, from 5:00 p.m. to 9:00 p.m. There will be an interruption to all services that connect to the Oracle databases while the update is being applied.

What can you expect:

The following applications and services will not be available during patching:

  • Academic Senate Voting
  • CEL Shopping Cart
  • Class Schedule
  • Data refresh for HR_INTERFACE object
  • Data refresh for OneCard
  • Data refresh for some OnBase MVs
  • Directory Search
  • Email Account Services
  • Grade Exceptions
  • MV refresh for Academic Technology
  • MV refresh for Follett Bookstore
  • MV refresh for usage of Web Team such as those Class Roster objects
  • OnBase application
  • Password Change / Reset
  • Pre-Requisite Roster
  • SF State ID lookup
  • Short Term Loan
  • University Calendar
  • Zeus Test

Support:

If you experience issues or need assistance, please contact the ITS Service Desk at service@sfsu.edu or 415-338-1420.



Overview:

ITS will apply monthly Windows security updates and critical updates on Windows servers on Saturday, July 17, 2021 from 6:00 p.m. - midnight. The latest Windows security patches fix the vulnerabilities and errors in Windows and associated software. Security and critical updates reduce the risk of exploitation by malware or hackers.

What can you expect:

During the maintenance window, users may experience a brief loss of service while each server is rebooted. Each server is expected to be unavailable for less than 10 minutes during the maintenance window.

Support:

If you experience issues or need assistance, please contact the ITS Service Desk at service@sfsu.edu or 415-338-1420.



Overview:

ITS will upgrade the server farm core switch to a newer and vendor recommended operating system version from Thursday, July 22, 2021, at 10:00 p.m. – Friday, July 23, 2021, at 1:00 a.m. This upgrade is to improve security and performance.

What can you expect:

During the upgrade window, no significant service interruption is anticipated, but users who are connected to campus through Global Protect VPN (virtual private network) or on campus devices accessing the internet may experience slow performance.

Support:

If you experience issues or need assistance, please contact the ITS Service Desk at service@sfsu.edu or 415-338-1420.



Overview:

The Chancellor's Office has scheduled a downtime maintenance window for campus PeopleSoft platforms (Campus Solutions (CS) 9.2 and Human Resources (HR) 9.0. The downtime will occur on Friday, July 23, 2021 from 8:00 p.m. to midnight while the Chancellor's Office works to apply the maintenance pack upgrade. This upgrade provides:

  • updates to COVID reporting
  • annual updates to Financial Aid processing and reporting
  • installation of new Education Advisory Board (EAB) planner files

What can you expect:

Both Campus Solutions (CS) and Human Resources (HR) will not be available during the maintenance window. Affected applications include:

  • Accept Admission Offer
  • CEL Quick Admit
  • E-Trac
  • Gator Scheduler

Support:

If you experience issues or need assistance, please contact the ITS Service Desk at service@sfsu.edu or 415-338-1420.



Overview:

ITS is currently troubleshooting an issue preventing users from connecting to the SF State Guest WiFi network. ITS is currently working with the vendor to troubleshoot.

What can you expect:

Users are currently unable to connect to SF State Guest WiFi due to this registration issue. We don’t currently have an expected time for recovery.

Support:

If you experience issues or need assistance, please contact the ITS Service Desk at service@sfsu.edu or 415-338-1420.



Overview:

A security encryption update will be applied on the OIMPRD database starting on Friday, July 2, 2021. The update will be to require encryption of AES256. This security enhancement is being applied to ensure our data remains protected. The maintenance will be on Friday, July 2, 2021, 5:00 p.m. - 9:00 p.m. There will be an interruption to all services that connect to the Oracle databases while the update is being applied.

What can you expect:

The following applications and services will not be available during patching:

  • The Oracle Identity Manager (OIM) Provisioning system

Support:

If you experience issues or need assistance, please contact the ITS Service Desk at service@sfsu.edu or 415-338-1420.



Overview:

A critical Oracle patches will be applied on the PROD & OBPRD databases starting on Friday, June 18, 2021. These critical security updates are being applied to ensure our data remains protected. The maintenance will be from Friday, June 18, 2021 at 5:00 p.m. to Sunday, June 20, 2021 5:00 p.m. There will be an interruption to all services that connect to the Oracle databases while the patch is being applied.

What can you expect:

The following applications and services will not be available during patching: 

  • Academic Senate Voting
  • CEL Shopping Cart
  • Class Schedule
  • Data refresh for HR_INTERFACE object
  • Data refresh for OneCard
  • Data refresh for some OnBase MVs
  • Directory Search
  • Email Account Services
  • Grade Exceptions
  • MV refresh for Academic Technology
  • MV refresh for Follett Bookstore
  • MV refresh for usage of Web Team such as those Class Roster objects
  • OnBase application
  • Password Change / Reset
  • Pre-Requisite Roster
  • SF State ID lookup
  • Short Term Loan
  • University Calendar
  • Zeus Test

Support:

If you experience issues or need assistance, please contact the ITS Service Desk at service@sfsu.edu or 415-338-1420.



Overview:

Information Technology Services (ITS) will install a new security feature to the Online CEL Shopping Cart during the scheduled maintenance window on Friday, June 18, 2021 from 8:00 p.m. – midnight. This feature will prevent bot-like transactions.

What can you expect:

Campus Solutions (CS) may not be available during the maintenance window. Affected applications include:

  • CEL Quick Admit 
  • Class Schedule
  • Gator Scheduler 
  • Student Center

Support:

If you experience issues or need assistance, please contact the ITS Service Desk at service@sfsu.edu or 415-338-1420.



Overview:

ITS will decommission the sdn.sfsu.edu server on Thursday, June 24th, 2021, at 9:00 a.m. The server was previously used to host downloadable software, which can now be done through other services such as Box and SCCM.

What can you expect:

Users will no longer be able to access https://sdn.sfsu.edu after Thursday, June 24th, 2021.

Support:

If you experience issues or need assistance, please contact the ITS Service Desk at service@sfsu.edu or 415-338-1420.