Please review and take action: Severe Software Vulnerability

December 15, 2021

To our campus community:

The UC Berkeley Information Security Office (ISO) is responding to a newly revealed severe software vulnerability. This vulnerability affects a broad range of websites, applications, and devices, making it extremely dangerous, and digital systems across the internet are affected. 

What is being done at UC Berkeley:

We are working to determine the scope and potential impact on campus systems and will reach out directly to any members of the UC Berkeley community affected.

  • Patching - Berkeley IT staff are patching affected campus systems as quickly as possible and documenting vulnerability status for all central campus IT applications and infrastructure.

  • Blocking Systems & Removing Services - To protect campus systems and data, IT staff will be monitoring this situation closely during curtailment and may take down services or block systems from the campus network when necessary.

  • Monitoring - ISO will continue to monitor network and system logs closely, especially throughout the holiday curtailment period.

What you can do:

  • Before leaving campus for winter curtailment, power down or remove from the network any servers or devices that will not be in use, especially if you are not sure if they are affected. 

  • Make sure your internet-connected devices are up to date.

  • If you support campus IT systems, review our security alert for this vulnerability.

  • If you receive any suspicious email, report it to us without clicking on any links or replying to the sender. 

Thank you for your attention to this matter.

Jenn StringerAssociate Vice Chancellor for IT and Chief Information Officer

Allison HenryChief Information Security Officer

This message was sent to all students, faculty, and staff. If you are a manager who supervises UC Berkeley employees without email access, please circulate this information to all.