by Elizabeth Parsons, IT Services

Update, June 9

Owl Labs has released patches for its Meeting Owl software. Time to update your devices accordingly!

Original article

A security concern has been recently discovered in Meeting Owls, which Miami offices have been using for some time as a way to streamline hybrid (combination in-person and remote) meetings.

A recent Ars Technica article enumerates the flaws in these Owls, but suffice it to say that several key vulnerabilities make these devices a threat to the Miami network. In particular, a flaw in the bluetooth functionality of the devices uses no passcode, making it possible for someone within bluetooth range to take control of those devices.

Owl Labs is working to patch the most important flaws, but until at least the bluetooth issue is fixed, the Information Security Office (ISO) is recommending that folks at Miami with access to Meeting Owls only use them when they are needed for hybrid meetings – and to unplug them when not in use.

Again: Please turn off or unplug your Meeting Owls while you are not using them, and only use them if they are absolutely necessary for hybrid meetings.

If you have any questions or concerns, please contact the ISO at InfoSec@MiamiOH.edu.