Trust Center

Data Intensity is notifying customers of a newly disclosed high severity Linux kernel vulnerability, CVE-2026-31431, commonly referred to as “Copy Fail.” This vulnerability allows a local, unprivileged user to reliably escalate privileges to root on affected Linux systems.

While Copy Fail is not remotely exploitable by itself, it poses significant risk when combined with:

• Existing application vulnerabilities
• Compromised user credentials
• Multiuser or multi-tenant Linux environments
• Containerized or Kubernetes workloads

This vulnerability as high risk, and proof of concept exploits are already publicly available, increasing the likelihood of real world misuse.

Most major Linux distributions have released official security advisories and kernel updates, including Oracle Enterprise Linux for Oracle Linux 7, 8, 9, and 10, addressing CVE 2026 31431. The fix removes the unsafe in place operation and restores secure out of place processing. Any update applied will require a system reboot as it consists of a Kernel update.

For those unable to patch, there are other mitigations in place, however, they need to be tested based on the system and application as it may have negative impacts or cause the application not to work.

You can find additional information at the URLs below:

• https://thehackernews.com/2026/04/new-linux-copy-fail-vulnerability.html
• https://copy.fail/

Data Intensity will work with each customer based on the risk to their systems and services contracted to conduct patching as required with publicly exposed systems having the highest priority. It will be at the customers’ discretion to determine the speed of release and identify appropriate downtimes so the update can be applied. Additionally, we advise all customers to assess their non-DI managed internal environments to assess the implications of this vulnerability.

Please reach out to your Data Intensity Customer Success Manager with any questions concerning this vulnerability or request assistance through the ServiceDesk portal here: https://servicedesk.dataintensity.com/.

Microsoft has recently issued an urgent security advisory regarding a critical vulnerability (CVE-2025-53770) in on-premises installations of Microsoft SharePoint Server, a widely used platform for collaboration, file sharing, and web publishing. These vulnerabilities could allow threat actors to bypass authentication and execute remote code, potentially gaining control of affected systems. Microsoft has confirmed active exploitation attempts targeting on-premises SharePoint Server environments.

Data Intensity does not utilize Microsoft SharePoint server but instead utilizes Microsoft 365 version of SharePoint.

If your organization utilizes any of the impacted versions of Microsoft SharePoint Server, it is imperative that you take the following steps immediately:

• Review Microsoft’s official guidance and mitigation procedures: SharePoint vulnerability CVE-2025-53770
• Plan and implement appropriate security and mitigation measures.
• Investigate and apply controls to detect and mitigate any signs of compromise.

Feel free to reach out to security@dataintensity.com with any questions or concerns.

Oracle has released its quarterly Critical Patch Update (CPU) for July 2025. The Oracle CPU is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches added since the last Critical Patch Update Advisory and does not contain updates from prior CPUs.

The Data Intensity technical team and Customer Success Managers will coordinate directly with customers to facilitate any required mitigations based on their exposure, patching cadence and availability of support.

Oracle Critical Patch Update Advisory - July 2025
Oracle Critical Patch Updates, Security Alerts and Bulletins

Oracle has released the Critical Patch Update for October 2024. It is suggested that users of these products review the vulnerabilities, prioritizing the application of updates to critical, publicly exposed systems without extensive mitigating controls and those with a higher risk factor. Data Intensity support staff is in the process of reviewing the impact of these vulnerabilities to supported customers and will be communicating to customers based on the analysis and to setup patch windows based on the customers agreed upon patching cadence. Additional guidance and analysis will be posted here as made available.

Oracle Critical Patch Update Advisory - October 2024
Critical Patch Update for October 2024 Now Available - Oracle Blogs

Data Intensity has been made aware of and has identified multiple customers impacted by a recent update to the CrowdStrike Falcon sensor which can cause Windows systems to crash. This issue has impacted Windows systems that utilize CrowdStrike on a global scale. Windows servers are getting stuck in a reboot loop after being updated, preventing resolution via automatic update from CrowdStrike or by support engineers. The current identified fix for this issue is to manually boot to Windows Safe Mode and remove a file from the filesystem.

Data Intensity is proactively reaching out to customers that are confirmed or potentially impacted.

If you are serviced by Data Intensity and require assistance in relation to this issue or any other critical issue, please create a critical ticket via the Data Intensity ServiceNow Portal, contact the Data Intensity support team at the number found on the website https://www.dataintensity.com/about-us/contact/, or contact your Data Intensity Customer Success manager.

Additional Information can be found below:
https://www.windowslatest.com/2024/07/19/windows-10-crashes-with-bsod-stuck-at-recovery-due-to-crowdstrike-update/
https://supportportal.crowdstrike.com/s/login/?ec=302&startURL=%2Fs%2Farticle%2FTech-Alert-Windows-crashes-related-to-Falcon-Sensor-2024-07-19 (requires CrowdStrike access)