Computer Security

I think a full-time security administrator should be able to write at least 3 posts every week, if not every day. I've always had a lot of roles to fill, but being a Banner system administrator is really a full time job in and of itself. Last year I was only able to write two posts from January through April, and I think this Winter (of much discontent) will be even busier with Banner and OneCard projects. So don't expect to find any regular updates here for a while.

There is another great source of IT Security information I encourage everyone to read, the SANS 'Ouch!' Newsletter. I rely on the SANS Internet Storm Center for updates that are often very technical in nature, but Ouch! is geared toward all users and is only published once a month. You can view the current issue on the web or have it e-mailed to you each month.

Yesterday, Microsoft released an "Out-of-Band" Security Update to fix a critical vulnerability in Internet Explorer. This vulnerability can be exploited by visiting a maliciously crafted web site, but does not necessarily require a user to download any files or click a link inside that infected site. It is estimated that over one million computers have been infected worldwide, which is why Microsoft has released this patch off of their normal cycle.

Emerson College computers should get the update this morning, if they haven't already. I would highly recommend that all Windows users patch their home systems as soon as possible. For more information on patching and keeping your computer safe, please see: http://www.emerson.edu/helpdesk/services/maintenance/Windows-Maintenance.cfm

Apple has released Security Update 2008-008 / Mac OS X v10.5.6 earlier this week. It fixes a number of vulnerabilities, so if you have patched yet, it is time to run Software Update.

Yes, on Tuesday, Microsoft released a number of updates for Windows and Office (including Office for Mac). All of them are critical for your home and office computers, so patch now (if you haven't already). For more information about patching and keeping your computers up to date, see my first Patch Tuesday posting.

Sun has just released an update which fixes numerous vulnerabilities in a number of different versions of Java. Some of the vulnerabilities patched are quite serious, such as allowing a remote hacker to execute code on your computer. Java is a little tricky because installing a new version doesn't necessarily remove an old one, and some software relies on old versions of Java. That makes it difficult to give blanket advice, but I definitely support updating, even if you can't remove an older version.

For more information:

• Check your version of Java


• Doanload Java


• Removing Older Versions

It has been a big week for software updates. First, Microsoft released three important updates on their Patch Tuesday. A couple of my machines prompted me to run Flash Player updates this week. Mozilla patched a large number of vulnerabilities in Firefox (and other products, such as Thunderbird). And Apple has released an update of their Safari web browser for Mac and Windows. Make sure your computers are up to date.

This is a simple idea, but it is still worrisome. Malware writers look for any opportunity they can to attack people. With news of financial markets declining and bank consolidation, security research shows an increase in spam and phishing activity. It's not a new idea; we've seen floods of attacks after any sort of natural disaster or other major news events. This time they are playing to people's fears about their banks and investments.

The advice remains the same. Be very cautious with your e-mail and especially don't click any link in a suspicious message. You should always be able to get to your bank's web site by typing in the URL; you should never have to click a link in a message.

Microsoft has just released an "Out-of-Band" Security Update to fix a critical vulnerability in a process known as Remote Procedure Call (RPC). This vulnerability could be exploited when one computer connects to a Windows Computer or Server with a commonly used protocol. According to the Microsoft Security Bulletin, "It is possible that this vulnerability could be used in the crafting of a wormable exploit." There are currently limited, small scale attacks happening on the Internet, however, the potential exists for a wide-spread worm attack. For those reasons, Microsoft chose not to wait until the next Patch Tuesday (November 11), but instead to release it immediately, which is a rare step for them.

Given the potential for a worm-like attack, we plan to patch all Windows Servers tomorrow morning. I would highly recommend that all Windows users patch their home systems as soon as possible. For more information on patching and keeping your computer safe, please see: http://www.emerson.edu/helpdesk/services/maintenance/Windows-Maintenance.cfm

Yesterday Microsoft released a number of critical patches for both servers and desktop computers. I highly recommend patching your Windows computers as soon as possible. We updated Emerson's servers this morning.

I know for the me the past month has mostly been a blur, as the start of the school year often will be. So I'm trying to catch up a little on the important security news and I think I can basically summarize the past two months in three bullet points:

1. PATCH EVERYTHING: Windows, MacOS, Firefox, iTunes, Office, QuickTime, Flash Player, Adobe Reader, Java, and any other software you might have. Everything in that list has released security updates recently and you should make sure you are up to date. For help figuring out how to update your software, see this post from about a year ago.


2. Beware of Scams: Microsoft has been working to cleanup infected computers that are part of bot-nets. So the criminals have been working extra hard to infect new computers. A common means of infection involves setting up malicious web sites and getting people to visit them by sending spam. Especially popular right now are greeting card scams--where it looks like someone sent you an e-card and when you go to view it they infect your computer. Also be weary of any emails with outrageous subject lines that seem like current events, solicitations for victims of recent hurricanes or other storms, or anything about a US financial institution.
   


3. Don't use Google Chrome: For those of you who have not heard, Google has released a new web browser, called Chrome. This is still a beta software product, and has already been found to have a number of security vulnerabilities. I will offer the same advice I offered when Apple released Safari for Windows: Don't use beta web browsers on a production machine. Don't install Chrome on any computer that you rely on for day to day work. If you have a test machine (with no important data on it), that is the only place I would consider safe for this browser at this time.