We’re aware of a critical vulnerability in Apache Struts 2, which is an open-source model-view-controller (MVC) framework for creating Java web applications. This is an 'Unrestricted Upload of File with Dangerous Type' vulnerability (CVSSv4 score of 9.5) that exists...
Encrypted Client Hello’s impact on Web Filtering
Encrypted Client Hello (or ECH for short) is a privacy encryption method that’s been enabled on some websites globally by third parties, which includes a very small percentage of websites used by schools. If a website has ECH enabled, it makes it difficult for N4L’s...
Ruckus Cloudpath upgrade to version 6.0
We’d like to notify you of the upcoming Ruckus Cloudpath upgrade to version 6.0.It will be carried out in 5 stages: on 7, 9, 14, 16 and 20 January (4pm to 11:30pm) and we’re contacting all affected schools directly with their upgrade dates. The upgrade is expected to...
Issue impacting our Filtering Portal
Update 6 December: This issue has now been resolved and Filtering Portal should work as expected. We are aware of an issue impacting users when making configuration changes with our Filtering Portal (FortiPortal). The team is working to resolve this and we will...
End-of-life Chromebooks disconnecting from the network
We’re aware of end-of-life Chromebooks dropping off networks, impacting unsupported OS version users. This is a result of Google implementing their Auto Update policy. What you can do School’s IT support or IT providers need to remove the impacted device’s network...
F5 Remote Access – Planned maintenance Friday 15 November
We’re undertaking planned maintenance for F5 Remote Access on Friday 15 November from 4pm - 10pm. Users of F5 Remote Access may experience a service disruption of 15 - 30 minutes during this timeframe, meaning they’ll be unable to remotely connect to their school’s...
Issue impacting MyN4L and Smartzone
We are aware that some schools may be experiencing speed issues when accessing N4L tools such as MyN4L or the Smartzone interface. The team is working to resolve this and we will provide any further updates as we have them.
Remote code execution affecting IPv6 in Windows products (CVE-2024-38063, Severity – CRITICAL)
N4L is aware that Windows 10, Windows 11 and Windows servers are currently being impacted by a critical vulnerability. This vulnerability affects IPv6 and devices which have IPv6 enabled on them.The vulnerability could allow an unauthenticated malicious actor to send...
Advisory: XZ Utils vulnerability (CVE-2024-3094)
We’re aware of a critical vulnerability impacting XZ Utils, where malicious code was inserted into a library that could allow for remote code execution via Secure Shell Protocol (SSH). XZ is a general-purpose data compression format present in nearly every Linux...