07/23/15, 05:04 PM
Expected duration: Unknown
A feature in the Cornell Network in Yammer erroneously interpreted the email addresses for group email accounts and e-lists as being for individual members of the Cornell community, and forwarded a invitation to join the network to them, and to people who may not have been intended to receive it. Cornell engineers are working on interrupting any email response loops that have been triggered by this action, and also are investigating ways to prevent similar mailings from happening in the future.
Cornell engineers are continuing to review options for preventing similar situations from occurring again. Microsoft representatives have been asked whether it is possible to turn off the ability to send mass invitations through the process that was unintentionally triggered in this case. Documentation is being updated to provide a caution against use of the mass invitation feature.
A new vulnerability has been announced in all versions of the Windows operating system. This vulnerability (MS15-078) allows malicious parties to compromise Windows systems through a specially-crafted document or by visiting a webpage that contains embedded OpenType fonts.
All Windows systems should be updated with the latest version of Windows software updates as soon as possible.