SECURITY ALERT
Incident Report for Duke IT
Resolved
If you are still experiencing service issues please contact the OIT Service Desk: https://oit.duke.edu/help
Posted Aug 28, 2020 - 06:36 EDT
Monitoring
Earlier this month security researchers published information about vulnerabilities discovered in Google's Firebase Cloud Messaging (FCM) service. The Cloud Messaging component of the Firebase service is widely used for pushing application notifications to Android and iOS devices. The vulnerabilities discovered by the researchers would enable an attacker to send push notifications to all app users, regardless of whether they were subscribed or not. Because these messages could have been crafted as phishing attempts, the impact could have been severe.

Among the vendors that utilize the Google FCM service is Microsoft for the Teams application. In the process of testing after these vulnerabilities were patched, Microsoft sent out unexpected test notifications to some users with Teams installed on a mobile device. Initial reports indicate this may have been limited to devices running on the Android platform.

At this time the University Security Office believes there is no longer a risk from these vulnerabilities, but it is possible that further notifications may still be sent as Microsoft and other vendors continue to test.

If you have questions about this update, please contact the OIT Service Desk at (919) 684-2200.
Posted Aug 27, 2020 - 11:51 EDT
This incident affected: Security (Security Alert).