College of Engineering |

DECS

Zoom Vulnerabilty on MacOS

In July of 2019 the public was made aware of a security vulnerability in the popular video conferencing app, Zoom (used by MSU) on Macs. If the Zoom app is installed on a Mac, then any website can open a video-enabled call since the Zoom app installs a web server on Macs that accept requests other browsers wouldn't. Even if you uninstall the app, the web server still exists and can reinstall Zoom without your knowledge.

Apache Struts Zero-Day Vulnerability

Security researchers have discovered a zero-day vulnerability in the popular Apache Struts web application framework. 

So, if you're running an Apache Struts Web applications, you should look into updating your software. Apache has released that versions 2.3.32/ 2.5.10.1 or later are not vulnerable. You should upgrade earlier versions to mitigate the issue. If you need assisting in determining if you need to upgrade, please contact the DECS Support Office at 3-8891 or at support@egr.msu.edu.