We will be conducting backend maintenance for our core infrastructure in our datacentres between Saturday 28 September at 8am and Friday 11 October at 5pm. This is a heads up of the maintenance we are doing, there is NO expected impact on services facing schools...
Maintenance scheduled on Wednesday 2 October for Secure Access schools
We’d like to notify you of the upcoming systems maintenance for our core network infrastructure for schools with Secure Access. This maintenance will be carried out on Wednesday 2 October between 7pm and 11pm. During this time, schools may experience an intermittent...
Remote code execution affecting IPv6 in Windows products (CVE-2024-38063, Severity – CRITICAL)
N4L is aware that Windows 10, Windows 11 and Windows servers are currently being impacted by a critical vulnerability. This vulnerability affects IPv6 and devices which have IPv6 enabled on them.The vulnerability could allow an unauthenticated malicious actor to send...
End-of-life Chromebooks disconnecting from the network
We’re aware of end-of-life Chromebooks dropping off networks impacting OS version 103 (and lower) users. This is a result of Google implementing their Auto Update policy.What you can doSchool’s IT support or IT providers need to remove the impacted device’s network...
Digicert Domain Control Verification issue
N4L has been made aware of the Domain Control verification (DCV) issue related to DigiCert domain name certificates and the need to replace within 24 hours. Digicert have provided the following instructions: Certificate Revocation Incident | DigiCert If you’ve any...
Advisory: XZ Utils vulnerability (CVE-2024-3094)
We’re aware of a critical vulnerability impacting XZ Utils, where malicious code was inserted into a library that could allow for remote code execution via Secure Shell Protocol (SSH). XZ is a general-purpose data compression format present in nearly every Linux...
Advisory: Apache Struts 2 vulnerability (CVE-2023-50164)
We’re aware of a vulnerability with the Apache Struts 2 application framework, which is used to develop web applications, that could allow an attacker to upload malicious files and run remote code execution (RCE) on the target server. Schools using products impacted...
Advisory: Microsoft Exchange Server and Outlook vulnerabilities
We're aware of two critical zero day vulnerabilities impacting the following Microsoft products: Exchange Server (CVE-2024-21410) Outlook (CVE-2024-21413) Microsoft has released security updates for both vulnerabilities. If you have an Exchange Server, we recommend...
Upcoming changes to Google, Yahoo and Xtra email services and the impact to N4L’s Mail Relay
From 1 February 2024, Google, Yahoo and Xtra email services will require bulk email senders to have additional email security protocols in place to help reduce spam and phishing emails. This means schools and kura will need to take action to ensure emails, such as...
Notification: iPads connectivity issue
We’re aware of a global connectivity issue impacting version 15.6 iPad users. It’s a known issue that Apple is working on resolving and we’ll provide an update once a resolution is available. What you can doIf you have a managed iPad please reboot it and if it’s not...