We’d like to notify you of upcoming maintenance scheduled for schools that have completed Equipment Replacement and Secure Access. This maintenance will be carried out over two separate days as outlined below: Wednesday 8 May from 7pm - 9pm. Friday 10 May from 5pm -...
Advisory: XZ Utils vulnerability (CVE-2024-3094)
We’re aware of a critical vulnerability impacting XZ Utils, where malicious code was inserted into a library that could allow for remote code execution via Secure Shell Protocol (SSH). XZ is a general-purpose data compression format present in nearly every Linux...
FortiClient Remote Access – Qualcomm Wi-Fi adapter connection issue
We’re aware of an issue where laptops using a Qualcomm FastConnect 6900 Wi-Fi adapter are unable to connect to the FortiClient IPSec Remote Access VPN. There is no fix currently available and we’re working with the vendors to see if there are any validated...
Advisory: Apache Struts 2 vulnerability (CVE-2023-50164)
We’re aware of a vulnerability with the Apache Struts 2 application framework, which is used to develop web applications, that could allow an attacker to upload malicious files and run remote code execution (RCE) on the target server. Schools using products impacted...
Advisory: Microsoft Exchange Server and Outlook vulnerabilities
We're aware of two critical zero day vulnerabilities impacting the following Microsoft products: Exchange Server (CVE-2024-21410) Outlook (CVE-2024-21413) Microsoft has released security updates for both vulnerabilities. If you have an Exchange Server, we recommend...
Upcoming changes to Google, Yahoo and Xtra email services and the impact to N4L’s Mail Relay
From 1 February 2024, Google, Yahoo and Xtra email services will require bulk email senders to have additional email security protocols in place to help reduce spam and phishing emails. This means schools and kura will need to take action to ensure emails, such as...
Ruckus Cloudpath upgrade: 12 January
We’d like to notify you of the upcoming Ruckus Cloudpath upgrade. It will be carried out between 6pm on 12 January and 8am on 13 January and it’s expected to cause an outage, meaning schools that have migrated to Secure Access will be unable to access the Wi-Fi...
Advisory: RUCKUS access point vulnerability
We’re aware of a vulnerability in the web-based interface used to manage RUCKUS access points that could allow a remote attacker to execute a cross-site scripting (XSS) attack against a user logged on to the interface of the affected device. Please note that Equipment...
Notification: iPads connectivity issue
We’re aware of a global connectivity issue impacting version 15.6 iPad users. It’s a known issue that Apple is working on resolving and we’ll provide an update once a resolution is available. What you can doIf you have a managed iPad please reboot it and if it’s not...
Advisory: Active exploitation of two vulnerabilities (CVE-2022-47966 and CVE-2022-42475)
The US Government CISA has issued an advisory concerning active exploitation of these vulnerabilities earlier in the year.The Fortinet vulnerability (CVE-2022-42475) does not affect schools with N4L-managed Fortinet firewalls.If your school uses an on-premise Zoho...