CT Community Colleges - Information Security - Security Alerts
Security Alerts

NEW 8/12/2008: Microsoft has released eleven patches in this month's Security Bulletin.  Six are rated critical and one is being actively exploited.  This month's patches should be deployed right away.  Sans.org is reporting more info on these patches.  The patches and details about them are available here from Microsoft.

7/8/2008: Microsoft has released four patches in this month's Security Bulletin.  These are all rated important.  This month's patches should be tested by each college and deployed in a timely manner.  Sans.org is reporting more info on these patches.  The patches and details about them are available here from Microsoft.

7/1/2008: Apple has released a security update (10.5.4) to fix vulnerabilities within the Mac OS X operating system and an update (3.1.2) to the Safari browser.  SANS provides an announcement of the security patches here. Info on these patches from Apple can be seen here: (OS and Safari). Info on all Apple patches can be found at this site.

6/19/2008: Microsoft has re-released MS08-030, which was originally included in the June monthly patch update.  This updated patch should be tested and rolled out to all vulnerable workstations.

6/10/2008: Apple has released a new version (7.5) of QuickTime that addresses multiple vulnerabilities. This new version can affect multiple operating systems (Mac OS X, Windows XP and Vista). Apple is listing the information on the update here.  Colleges should review the advisories and patch the affected products to avoid attacks. Sans.org lists information on the updates here.

6/10/2008: Microsoft has released seven patches in this month's Security Bulletin.  Three are rated Critical.  This month's patches should be tested by each college and deployed in a timely manner.  Sans.org is reporting more info on these patches.  The patches and details about them are available here.

6/5/2008: Cisco has announced a security update for the PIX and ASA firewalls which fixes 5 vulnerabilities that can lead to Denial of Service or bypass of specific ACLs.  Sans provides a summary of the security updates here. Info on this advisory from Cisco can be seen here. 

5/29/2008: Apple has released a security update (10.5.3) to fix vulnerabilities within the Mac OS X operating system.  Sans provides a summary of the security patch here. Info on this patch from Apple can be seen here.  Info on all Apple patches can be found at this site.

5/21/2008: Cisco has released a security advisory for an IOS Secure Shell Server vulnerability.  If the vulnerable IOS versions are being used, it is recommended that the updates be applied as soon as possible.

5/14/2008: Cisco has released three security advisories to address vulnerabilities in Cisco Unified Communications Manager, Unified Presence, and the Content Switching Module. These vulnerabilities may allow an attacker to cause a denial-of-service condition on the affected system.  The vulnerabilities were apparently discovered internally, so no exploits are circulating yet.  It is recommended that the updates for these products be applied in a timely manner.

5/13/2008: Microsoft has released four fixes to close a half dozen security holes in this month's Security Bulletin.  Three of the fixes are rated critical, including a vulnerability in the Microsoft Jet database which is currently being exploited by attackers.  Colleges should test and deploy these patches right away.  Sans.org has more information in addition to the details on these updates available here.

4/10/2008: Real.com has released a patch for its RealPlayer that fixes a vulnerability that could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Read about the vulnerability here. You should upgrade to RealPlayer 11.0.2 by clicking Tools - Check for Update from the RealPlayer console. Colleges should review the advisories and patch the affected products to avoid attacks.

4/9/2008: Adobe has released a patch to Adobe Flash Player 9 that addresses a critical vulnerability that could lead to the potential execution of arbitrary code remotely. The update also includes DNS rebinding attack and cross-domain policy countermeasures. You should update to the latest version of Adobe Flash Player, version 9.0.124.0 available here. Colleges should review the advisories and patch the affected products to avoid attacks.

4/8/2008: Microsoft has released five critical patches in this month's Security Bulletin.  This month's patches should be tested and deployed as soon as possible at each college.  Sans.org is reporting that proof-of-concept exploits for MS08-023 have already been posted on the Internet.  The patches and details about them are available here.

4/3/2008: Apple has released a new version (7.4.5) of QuickTime that addresses 11 vulnerabilities. This new version can affect multiple operating systems (Mac OS X, Windows XP and Vista). Apple is listing the information on the update here.  Colleges should review the advisories and patch the affected products to avoid attacks. Sans.org lists information on the updates here.

3/26/2008: Cisco Systems has released the bi-annual patch for IOS. This patch includes fixes for conditions that may cause a denial of service. Colleges should review the advisories and patch the affected products to avoid attacks. Sans.org lists information on the updates here. All Cisco security advisories can be found at this site.

3/26/2008: The Mozilla Foundation has released multiple patches for Firefox and similar browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. Sans.org lists information on the updates here. See this link for the Mozilla Security Advisories.

3/19/2008: Apple has released a security update to fix vulnerabilities within the Mac OS X operating system.  The updates are for both Tiger (10.4) and Leopard (10.5) users. Info on this patch from Apple can be seen here. There is also a separate patch for the Safari browser.  Info on all Apple patches can be found at this site.

3/11/2008: Microsoft has released four patches in this month's Security Bulletin.  All four are rated Critical for specific MS Office versions.  This month's patches should be checked by each college and deployed as soon as possible.  Sans.org is reporting more info on these patches.  The patches and details about them are available here.

2/12/2008: Microsoft has released eleven patches in this month's Security Bulletin.  Six are rated Critical.  This month's patches should be tested by each college and deployed as soon as possible.  Sans.org is reporting more info on these patches.  The patches and details about them are available here.

2/11/2008: Apple has released a security update to fix 10 vulnerabilities within the Mac OS X operating system.  The updates are for both Tiger and Leopard users. Sans.org is reporting more info on these patches.  Info from Apple can be seen here. Info on all Apple patches can be found at this site.

2/9/2008: Adobe Reader/Acrobat Vulnerability.  The Adobe Reader vulnerability is being exploited in the wild according to Sans.org.  The update for this vulnerability should be installed on all clients as soon as possible.  Additional information can be found at  McAfee.com and at Adobe.

1/8/2008: Microsoft has released two patches in this month's Security Bulletin.  One is rated Critical.  This month's patches should be tested by each college and deployed as soon as possible.  Sans.org is reporting more info on these patches.  The patches and details about them are available here.

12/14/2007: QuickTime Vulnerability.  A QuickTime vulnerability is actively being exploited. The patch for the vulnerability should be pushed out to all clients as soon as possible.  Information about the vulnerability can be found at Sans.org and the latest QuickTime release can be found on Apple's web site here.

12/11/2007: Microsoft has released seven patches in this month's Security Bulletin.  Three of these patches are rated Critical.  This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible.  Sans.org is reporting more info on these patches.  The patches and details about them are available here.

11/13/2007: Microsoft has released two patches in this month's Security Bulletin.  One of these patches is rated Critical.  This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible.  Sans.org is reporting more info on these patches.  The patches and details about them are available here.

10/9/2007: Microsoft has released seven patches in this month's Security Bulletin.  Four of these patches are rated Critical.  This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible.  Sans.org is reporting that three of the seven vulnerabilities have been publicly known for some time.  The patches and details about them are available here.

9/11/2007: Microsoft has released four patches in this month's Security Bulletin. One of these patches is rated Critical for Windows 2000 sp4. This month's patches should be tested by each college before being deployed. The patches and details about them are available here.

8/14/2007: Microsoft has released nine patches in this month's Security Bulletin. Six of these patches are rated Critical. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

7/10/2007: Microsoft has released six patches in this month's Security Bulletin. Three of these patches are rated Critical. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

6/12/2007: Microsoft has released six patches in this month's Security Bulletin. Four of these patches are rated Critical. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

5/08/2007: Microsoft has released seven patches in this month's Security Bulletin. All of these patches are rated Critical. Sans.org is reporting that three of the seven vulnerabilities already have exploit code that's been publicly released. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

5/07/2007: Apple has released a new version of QuickTime that fixes a highly critical vulnerability. The new version is QuickTime 7.1.6. An exploit is expected to be publicly available shortly and it is advised that all systems running this software be upgraded as soon as possible. More information can be found at Apple's web site here.

4/10/2007: Microsoft has released six patches in this month's Security Bulletin. Five of these patches are rated Critical. Sans.org is reporting that two of the six vulnerabilities already have exploit code that's been publicly released. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

4/03/2007: Microsoft has released the Security Bulletin Summary for April 2007 which contains the patch for the ANI vulnerability discussed below. This vulnerability is currently being exploited and it is highly recommended that this patch be applied as soon as possible. Each college should thoroughly test this patch before installing it on their systems.

4/02/2007: Microsoft is planning on releasing an out-of-cycle patch to address the below ANI vulnerability. This patch will be available on Tuesday, 4/03/2007. More information will be posted when the patch has been released.

3/29/2007: Microsoft is investigating reports of a new unpatched attack that is actively being exploited on the internet. The vulnerability is caused by Windows failing to properly handle specially crafted animated cursor (ANI) files. More information can be found here at Microsoft's web site along with suggested workarounds.

2/13/2007: Microsoft has released 12 patches in this month's Security Bulletin. Six of these patches are rated Critical. Sans.org is reporting that six of the twelve vulnerabilities either already have exploit code that's been publicly released or exploit code that is expected to be released soon. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

1/9/2007: Microsoft has released four patches in this month's Security Bulletin. Three of these patches are rated Critical. Sans.org is reporting that three of these vulnerabilities already have exploit code that's been publicly released. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

Two other applications have announced vulnerabilities: Apple QuickTime and Adobe Reader. Read more about each vulnerability here:

Be aware that a buffer overflow has been announced for Apple QuickTime RTSP and currently does not have a patch available. An attacker may be able to execute arbitrary code or cause a denial of service on vulnerable clients by convincing the user to open specially crafted QuickTime content. This affects both Mac and Windows clients and also applies to other software (such as iTunes) that uses vulnerable QuickTime components. More about the vulnerability, as well as suggested workarounds, can be found here: http://www.kb.cert.org/vuls/id/442497.

If you have Adobe Reader or Acrobat version 7.0.8 or earlier installed, you must upgrade to version 8.0 to be protected from a recent cross-site scripting vulnerability just announced when accessing .pdf files from a web browser. The vulnerability allows remote attackers to execute arbitrary code depending on the browser used (both Microsoft IE and Firefox were listed, see this link for more info). Upgrading to version 8.0 protects you from these exploits.

12/12/2006: Microsoft has released seven patches in this month's Security Bulletin. Three of these patches are rated Critical. Sans.org is reporting that two of these vulnerabilities already have exploit code that's been publicly released. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

Microsoft is also investigating a report of "zero-day" attacks taking advantage of a vulnerability in ALL recent versions of Microsoft Word and Microsoft Works for both Windows and Mac. Read more about it here.

As always, and as should be common practice, it is critically important that you DO NOT OPEN ANY unsolicited WORD DOCUMENTS from both known and unknown sources, including email and the web.

11/14/2006: Microsoft has released six patches in this month's Security Bulletin. Five of these patches are rated Critical. Sans.org is reporting that two of these vulnerabilities already have exploit code that's been publicly released. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

10/10/2006: Microsoft has released 10 patches in this month's Security Bulletin. Six of these patches are rated Critical. Sans.org is reporting that one of these vulnerabilities already has exploit code that's been publicly released (MS06-057). These patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

Check out McAfee's notice about forcing all automatic updates to download the 5.1.00 engine starting on October 30th. This is to prepare for the release of their 8.5 VirusScan engine. They recommend that you voluntarily move to 5.1.00 before the cut off of October 30th. Please see their notice about this update change. If you haven't already pushed out engine 5100, then you should think about doing it before the end of this month.

09/27/2006: Microsoft has released a Critical Security Bulletin (MS06-055) which could allow Remote Code Execution and Complete Control of the affected System. This vulnerability is in the Vector Markup Language and affects Windows 2000, Windows XP and Windows 2003. It is recommended that you test and deploy the patch for this vulnerability as soon as possible. The patch and details about it are available here.

09/13/2006: Microsoft has released three patches in this month's Security Bulletin. One of these is rated as Critical and affects Microsoft Publisher. If you are using this software, it is recommended that you test and deploy the patch as soon as possible. The patches and details about them are available here. Microsoft has also re-released two patches for previously disclosed vulnerabilities - MS06-040 and MS06-042. These new patches include fixes to newly discovered issues. Specifically, if you have systems still running Internet Explorer 6 SP1 or Internet Explorer 5 SP4, those systems are still vulnerable to exploit and should be patched for the MS06-042 vulnerability or updated to the latest version.

08/10/2006: Microsoft has released 12 patches in this month's Security Bulletin. Nine of these patches are rated Critical. Sans is reporting that three of these vulnerabilities already have exploit code that's been released. Of particular note is MS06-040 which has the potential to be turned into a worm and propagate itself across the network. These patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

07/17/2006: McAfee has announced a critical vulnerability in its EPO agent software which could allow remote code execution. Specific details of the vulnerability are available from eEye Digital Security. To find out if your agent software is vulnerable and directions on how to download and deploy the latest agent software, please visit McAfee's web site located here.

06/20/2006: Microsoft has announced a zero day vulnerability in Excel that could allow Remote Code Execution (Advisory 921365). There is currently no patch available. Some Anti-Virus vendors may detect some portions of this exploit, but it is recommended that you follow best practices described here to protect yourself.

6/15/2006: Microsoft has released 12 patches in this month's Security Bulletin. Eight of these patches are rated Critical. Sans is reporting that five of these vulnerabilities already have exploit code that's been released. These patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

Mozilla Firefox has released a patch for a vulnerability in its browser. The flaw has to do with an exploitable crash in InstallVersion.CompareTo. A proof of concept exploit has been posted. The patch and details about it are available here.

4/18/2006: Mozilla Products Contain Multiple Vulnerabilities.

3/16/2006: Adobe Macromedia Flash Products Contain Vulnerabilities

1/17/2006: A new exploit has been released utilizing the Stack Overflow vulnerability in Veritas Netbackup Enterprise Server. A specially crafted packet, sent to the Volume Manager via port 13701, will cause a stack overflow, allowing the attacker to run code of her/his choosing. Authentication by the attacker is not needed to take advantage of this vulnerability. The security packs that address this vulnerability, Symantec Advisory #SYM05-024, can be found here.

Microsoft has released their monthly security patch bulletin which contains information on several critical vulnerabilities. This includes a vulnerability in TNEF decoding in Outlook and Exchange and a vulnerability in Web Fonts. Both of these issues could allow the Remote Execution of Code. The patches and details are available here.

1/12/2006: Do you have QuickTime installed on either Mac OS or Windows XP/2000? Apple has released a security update to fix multiple vulnerabilities found in versions prior to 7.0.4. The impacts of these vulnerabilities include execution of arbitrary code and denial of service.

1/6/2006: Microsoft has released a patch for the WMF vulnerability discussed below. This patch, which was originally due out on January 10th, has been released 5 days early because of the critical nature of the vulnerability. This patch has been tested and approved by the System Office and it is highly recommended that it be deployed as soon as possible. The patch and details about it are available here.

1/4/2006: Two alerts to note for the new year: Another Sober virus variant is expected to strike with a wave of e-mail attacks on January 5th or 6th. Also, a vulnerability was announced last month that affects how Microsoft handles WMF images. Please read the details for both alerts below to see how these security alerts affect you.

  1. Another Sober variant attack is expected to strike on January 5th or 6th. The importance of this warning is that you would already have to be infected with this Sober virus in order for the email attack to trigger on January 5th or 6th. All computers on our network should already have up-to-date anti-virus software in place to prevent an initial infection and therefore should not be the source of the e-mail attack portion of the Sober virus.


  2. Microsoft WMF Image Vulnerability. A vulnerability was announced at the end of December that affected how Microsoft handles WMF images. The vulnerability would allow an attacker to take complete control when an infected image was accessed. An infected image could be accessed by visiting a malicious website from a web browser, inside an e-mail or IM.

The Microsoft announcement, specifically the FAQ section, should answer your questions on this vulnerability and how it affects you. 

The official Microsoft patch is due to be released earlier than the scheduled January 10th. The new announcement states it will be released on January 5th. Be aware that an unofficial patch is available on the Internet and that we do not recommend applying any unofficial patches.

Even though this is a serious vulnerability that needs to be patched, the Microsoft announcement notes:

  • anti-virus companies indicate that attacks based on exploiting the WMF vulnerability are being effectively mitigated through up-to-date signatures;
  • customers who follow safe browsing best practices are not likely to be compromised by any exploitation of the WMF vulnerability. Users should take care not to visit unfamiliar or un-trusted Web sites that could potentially host the malicious code.

6/1/2005: Apple has released new security updates.

2/17/2005: New variant of MyDoom spreads again on Internet. At least one machine at CT Community Colleges was affected! Remember to keep your anti-virus definition files up to date!

1/10/2005: IE vulnerability allows malicious websites to take control of your computer without any user interaction

12/15/2004: Username/Password Vulnerability in Cisco Unity Product

12/15/2004: Microsoft releases 5 Important updates that affect Wordpad, Hyperterminal, LSASS, DHCP and WINS (MS04-041 through MS04-045)

12/10/2004: Vulnerability announced that allows hijacking of pop-ups

12/08/2004: Be aware of Google Desktop Search when on public machines

 

 

 

 

 

 

 

 

 


    © Copyright 2004 Connecticut Community Colleges 61 Woodland Street Hartford, CT 06105 860-244-7600