To our campus community,
As has been reported widely in the news, there are key security vulnerabilities for computers, phones, and tablets using major brand CPU processors, including Intel and AMD. Microsoft and Apple computer platforms are affected, as well as Android and iOS phone platforms. These vulnerabilities open the door to the possibility that passwords and other data could be stolen from your devices. The vulnerabilities affect the operating systems, web browsers, and firmware (software that the computer hardware has built into it).
How to Protect Yourself
All the major manufacturers are developing and pushing out software updates. Operating system updates are available for Microsoft Windows 7 and above, and Apple MacOS 10.11 El Capitan and above. Older operating systems will need to be upgraded. You will need to run software updates on your personal devices immediately.
Faculty/Staff
If you have the Berkeley Desktop installed and are supported by Campus Shared Services (CSS) IT, Microsoft and Apple operating systems as well as several major web browsers (Safari, Firefox, Internet Explorer) have been automatically updated. We are awaiting additional key updates for Google Chrome that will be deployed as soon as they are available. Patches were validated by IST Endpoint Engineering and released to over 12,000 machines on Jan. 11, 2018 at 4 p.m. CSS IT will monitor the rate of patching and reach out directly to customers if further action is needed.
If you are not running the Berkeley Desktop, we urge you to run software updates on all your devices (both campus-owned and personal) on a regular basis as the remediations for these patches are changing daily.
Call the CSS IT Service Desk at (510) 664-9000, submit a ticket online, or email itcsshelp@berkeley.edu if you have questions. For additional technical information visit our Security Advisory: Spectre/Meltdown Wiki.
Students
Please visit the Student Help Desk during office hours if you have questions or need assistance. You may also call (510) 642-4357 or email sts-help@berkeley.edu.
We continue to see an increase in both the number and intensity of security vulnerabilities, keeping your devices current and updated is an easy, yet critical piece to keeping the campus network and data secure. Thank you for doing your part in keeping campus data and systems safe.
Regards,
Larry Conrad, Associate Vice Chancellor for IT and Chief Information Officer
Lyle Nevels, Interim CISO, Assistant Vice Chancellor for IT and Deputy CIO
Jerry Yerardi, Associate CIO for Campus Shared Services and Director of CSS IT
If you are a manager who supervises UC Berkeley employees without email access, please circulate this information to all.