A vulnerability was identified Monday in all wireless internet connections. This vulnerability allows a cyberattacker to gain access to information that was previously assumed to be safely encrypted. As a result, cyberattackers can steal sensitive information, such as credit card numbers, passwords, chat messages, emails and photos, from devices on the same Wi-Fi network. It is important to note that visits to secure websites (https://) remain secure and are not vulnerable to this method of attack.
Microsoft Windows released security updates for all Windows systems on Oct. 10. Patches for other operating systems are not yet available. Until these patches are released, use a wired internet connection instead of Wi-Fi on such devices when possible.
All VMDP-managed and DTS-managed Windows devices were patched this week and are no longer vulnerable to this attack.
If your Windows device is not managed by VUIT, follow the steps below to install and apply the proper patches:
- Click “Start.”
- Launch the Windows Update application by typing “Windows Update” into the search bar and pressing enter.
- Click “Check for Updates.”
- Follow the instructions provided by Microsoft.
If you feel that your system has been compromised, please call the help desk at (615) 343-9999 or submit a high-priority Pegasus ticket.