Feed on
Posts
Comments

This is our first posting and a welcome message to the UTPA community.  Keep in touch and we will keep you informed about emerging threats, offer you tips on how to keep your computer safe, and tell you about the different information security initiatives at the University.  We welcome suggestions and opinions; please feel free to post comments.

Below is a summary of the combined security bulletins for the month of September 2014. Computers that are joined to the UTPA domain will receive the applicable updates automatically on Thursday, September 18th, at 11:00pm. If your computer is not a part of the UTPA domain or is not running Microsoft Windows, please make sure that it is configured to update automatically.

How to update your PC

How to update your Mac

Important notice to computers joined to the UTPA domain: The update distribution process has recently changed. On the day that the updates are distributed, your computer will present you with a notification (see screenshot below) giving you the choice to update your computer before the deadline of 11:00pm. This will allow people to be familiar with the updates that are being installed and it will also give the opportunity for installing the updates at your convenience (this way your machine is not forcefully restarted during the evening).

Software Update Installation Notification

 

      • Microsoft Security Updates
        • MS14-052 : Cumulative Security Update for Internet Explorer (2977629)
          More info: https://technet.microsoft.com/library/security/MS14-052
          Severity : Critical
        • MS14-053 : Vulnerability in .NET Framework Could Allow Denial of Service (2990931)
          More info: https://technet.microsoft.com/library/security/MS14-053
          Severity : Important
        • MS14-054 : Vulnerability in Windows Task Scheduler Could Allow Elevation of Privilege (2988948)
          More info: https://technet.microsoft.com/library/security/MS14-054
          Severity : Important
      • Microsoft Security Advisory
        • KB2987114 : Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
          More info : http://support.microsoft.com/kb/2987114
        • KB2905247 : Insecure ASP.NET Site Configuration Could Allow Elevation of Privilege
          More info : http://support.microsoft.com/kb/2905247
      • Microsoft Non-Security Updates
        • KB2975331 : Update for Windows 8
          More info : http://support.microsoft.com/kb/2975331
        • KB2975719 : Update for Windows 8.1
          More info : http://support.microsoft.com/kb/2975719
        • KB2976978 : Update for Windows 8
          More info : http://support.microsoft.com/kb/2976978
        • KB2979501 : Update for Windows 8
          More info : http://support.microsoft.com/kb/2979501
        • KB2981685 : Update for Windows 8
          More info : http://support.microsoft.com/kb/2981685
        • KB2984005 : Update for Windows 8
          More info : http://support.microsoft.com/kb/2984005
        • KB2984006 : Update for Windows 8.1
          More info : http://support.microsoft.com/kb/2984006
        • KB2989647 : Update for Windows 8.1
          More info : http://support.microsoft.com/kb/2989647
        • KB2996851 : Update for Windows 8
          More info : http://support.microsoft.com/kb/2996851
        • September 2014 Office Update Release
          More info : http://blogs.technet.com/b/office_sustained_engineering/archive/2014/09/10/september-2014-office-update-release.aspx
      • Adobe
        • Update Adobe Flash Player ActiveX to version 15.0.0.152
          More info: http://helpx.adobe.com/security/products/flash-player/apsb14-21.html
          Severity: Critical
        • Update Adobe Flash Player Plugin to version 15.0.0.152
          More info: http://helpx.adobe.com/security/products/flash-player/apsb14-21.html
          Severity: Critical
        • Update Adobe Air to version 15.0.0.152
          More info: http://helpx.adobe.com/security/products/flash-player/apsb14-21.html
          Severity: Critical
        • Update Adobe Reader/Acrobat 11 – Pending – Adobe re-scheduled update release to the week of September 15th, 2014
          More info: http://helpx.adobe.com/security/products/reader/apsb14-20.html
          Severity: Critical
        • Update Adobe Reader/Acrobat 10 Pending – Adobe re-scheduled update release to the week of September 15th, 2014
          More info: http://helpx.adobe.com/security/products/reader/apsb14-20.html
          Severity: Critical

Below is a summary of the combined security bulletins for the month of August 2014. Computers that are joined to the UTPA domain will receive the applicable updates automatically on Thursday, August 21st, at 11:00pm. If your computer is not a part of the UTPA domain or is not running Microsoft Windows, please make sure that it is configured to update automatically.

How to update your PC

How to update your Mac

Important notice to computers joined to the UTPA domain: The update distribution process has recently changed. On the day that the updates are distributed, your computer will present you with a notification (see screenshot below) giving you the choice to update your computer before the deadline of 11:00pm. This will allow people to be familiar with the updates that are being installed and it will also give the opportunity for installing the updates at your convenience (this way your machine is not forcefully restarted during the evening).

Software Update Installation Notification

 

Below is a summary of the combined security bulletins for the month of July 2014. Computers that are joined to the UTPA domain will receive the applicable updates automatically on Thursday, July 17th, at 11:00pm. If your computer is not a part of the UTPA domain or is not running Microsoft Windows, please make sure that it is configured to update automatically.

How to update your PC

How to update your Mac

Important notice to computers joined to the UTPA domain: The update distribution process has recently changed. On the day that the updates are distributed, your computer will present you with a notification (see screenshot below) giving you the choice to update your computer before the deadline of 11:00pm. This will allow people to be familiar with the updates that are being installed and it will also give the opportunity for installing the updates at your convenience (this way your machine is not forcefully restarted during the evening).

Software Update Installation Notification

 

Below is a summary of the combined security bulletins for the month of June 2014. Computers that are joined to the UTPA domain will receive the applicable updates automatically on Thursday, June 19th, at 11:00pm. If your computer is not a part of the UTPA domain or is not running Microsoft Windows, please make sure that it is configured to update automatically.

How to update your PC

How to update your Mac

Important notice to computers joined to the UTPA domain: The update distribution process has recently changed. On the day that the updates are distributed, your computer will present you with a notification (see screenshot below) giving you the choice to update your computer before the deadline of 11:00pm. This will allow people to be familiar with the updates that are being installed and it will also give the opportunity for installing the updates at your convenience (this way your machine is not forcefully restarted during the evening).

Software Update Installation Notification

 

We want to inform you of a growing threat from Cryptolocker. Please read the FAQ below to better inform and protect yourself.

What is Cryptolocker?

Cryptolocker is malware categorized as ransomware that targets computers running Microsoft Windows. When the device is infected, it will begin encrypting your files in the background. When it finishes, it will display a window that will inform you that your files are encrypted and that you have 72 hours to pay in order to get them decrypted.

How could I become infected with Cryptolocker?

The method of delivery is usually through email messages pretending to be from a reputable organization. The message will have a zip file attachment that will contain the malware disguised as a PDF file. This is not the only avenue for infection, so also avoid opening files from untrusted sources or files that have the EXE extension.

What should I do if my computer is infected with Cryptolocker?

For devices owned by the University or that contain University data, please contact the OCISO at 956-665-7124 to understand the impact of the incident. If there is no University data involved, the owner must make the choice to either pay the ransom or lose the data.

What can I do to protect myself?

The best protection against this threat is to use good judgment when opening email attachments and avoid opening files from untrusted sources. The other thing you can do to protect your data is to have a backup. Please beware, if you have your backup service as a mounted drive, there is a great chance that it will also be encrypted. To protect your backup from this threat, don’t mount it as a drive or use a service that allows you to restore from older backups.

Related articles

US-Cert: CryptoLocker Ransomware Infections

https://www.us-cert.gov/ncas/alerts/TA13-309A

Sans OUCH!: What is Malware

http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201402_en.pdf

Sophos Naked Security: CryptoLocker ransomware – see how it works, learn about prevention, cleanup and recovery

http://nakedsecurity.sophos.com/2013/10/18/CryptoLocker-ransomware-see-how-it-works-learn-about-prevention-cleanup-and-recovery/

Below is a summary of the combined security bulletins for the month of May 2014. Computers that are joined to the UTPA domain will receive the applicable updates automatically on Thursday, May 22nd, at 11:00pm. If your computer is not a part of the UTPA domain or is not running Microsoft Windows, please make sure that it is configured to update automatically.

How to update your PC

How to update your Mac

Important notice to computers joined to the UTPA domain: The update distribution process has recently changed. On the day that the updates are distributed, your computer will present you with a notification (see screenshot below) giving you the choice to update your computer before the deadline of 11:00pm. This will allow people to be familiar with the updates that are being installed and it will also give the opportunity for installing the updates at your convenience (this way your machine is not forcefully restarted during the evening).

Software Update Installation Notification

 

      • Microsoft Security Updates
        • MS14-022 : Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2952166)More info: https://technet.microsoft.com/library/security/ms14-022

          Severity: Critical

        • MS14-023 : Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2961037)More info: https://technet.microsoft.com/library/security/ms14-023

          Severity : Important

        • MS14-024 : Vulnerability in a Microsoft Common Control Could Allow Security Feature Bypass (2961033)More info: https://technet.microsoft.com/library/security/ms14-024

          Severity : Important

        • MS14-025 : Vulnerability in Group Policy Preferences Could Allow Elevation of Privilege (2962486)More info: https://technet.microsoft.com/en-us/library/security/ms14-025.aspx

          Severity : Important

        • MS14-026 : Vulnerability in .NET Framework Could Allow Elevation of Privilege (2958732)More info: https://technet.microsoft.com/en-us/library/security/ms14-026.aspx

          Severity : Important

        • MS14-027 : Vulnerability in Windows Shell Handler Could Allow Elevation of Privilege (2962488)More info: https://technet.microsoft.com/en-us/library/security/ms14-027.aspx

          Severity : Important

        • MS14-028 : Vulnerabilities in iSCSI Could Allow Denial of Service (2962485)More info: https://technet.microsoft.com/en-us/library/security/ms14-028.aspx

          Severity : Important

        • MS14-029 : Security Update for Internet Explorer (2962482)More info: https://technet.microsoft.com/en-us/library/security/ms14-029.aspx

          Severity : Critical

      • Microsoft Security Advisory
        • KB2962140: Update for Vulnerability in Juniper Networks Windows In-Box Junos Pulse ClientMore info: http://support.microsoft.com/kb/2962140
        • KB2964757: Update for Vulnerability in Juniper Networks Windows In-Box Junos Pulse ClientMore info: http://support.microsoft.com/kb/2964757
        • KB2961908 : Security Update for Windows 8.1More info : http://support.microsoft.com/kb/2961908
        • KB2957151: Security Update for Internet Explorer Flash Player for Windows 8More info: https://support.microsoft.com/kb/2957151
        • KB2871997: Security Update for WindowsMore info: https://technet.microsoft.com/library/security/2871997
      • Adobe
        • Update Adobe Flash Player to version 13.0.0.214More info: http://helpx.adobe.com/security/products/flash-player/apsb14-14.html

          Severity: Critical

        • Update Adobe Reader/Acrobat 11 to version 11.0.7More info: http://helpx.adobe.com/security/products/reader/apsb14-15.html

          Severity: Critical

        • Update Adobe Reader/Acrobat 10 to version 10.1.10More info: http://helpx.adobe.com/security/products/reader/apsb14-15.html

          Severity: Critical

        • Update Adobe Air to version 13.0.0.111More info:  http://helpx.adobe.com/security/products/flash-player/apsb14-14.html

          Severity: Critical

We have an update for the bulletin sent on April 28, 2014, regarding the vulnerability for Microsoft Internet Explorer.  The vendor just released a patch that eliminates the vulnerability.  In order to secure your computer, we will be sending the necessary updates tonight (May 2nd, 2014) at 11:00pm.  Please save your files at the end of the day, since the updates will automatically restart your computer to complete the installation.  Also, if you regularly turn off your computer when you leave work, we recommend you log off and leave your computer on tonight.  Otherwise, the updates will get installed the next time that you turn on your computer and will affect its performance during the update process (including a restart).

 

There is a security vulnerability affecting Microsoft Internet Explorer versions 6 through 11 which is currently being used to compromise computers.

What does that mean?

It means that your computer could be compromised if you visit a site exploiting this weakness using Internet Explorer.

What version of Internet Explorer is being used on University computers and which is the latest version?

The majority of computers on campus are running Internet Explorer 9.  The latest version available is Internet Explorer 11 and it is also affected.

What can I do to protect myself while the vendor releases a patch?

  • If you have another web browser (that is up-to-date with security patches; we recommend Google Chrome), use it instead of Internet Explorer.
  • Limit the use of Internet Explorer to trusted sites.
  • Avoid clicking on hyperlinks inside email messages, even if the messages look authentic.
  • Avoid logging on to your computer with an account with elevated privilege (administrator).
  • Make sure that your personal devices running Microsoft Windows are patched as soon as an update is released.

What is the University doing against this threat?

We are exploring the different mitigations that the vendor is suggesting while they release an update.  As soon as the update is released, it will be immediately sent to all managed computers.

Related Articles

New zero-day vulnerability identified in all versions of IE

www.cnet.com/news/new-zero-day-vulnerability-identified-in-all-versions-of-ie/

Microsoft Internet Explorer Use-After-Free Vulnerability Being Actively Exploited

www.us-cert.gov/ncas/current-activity/2014/04/28/Microsoft-Internet-Explorer-Use-After-Free-Vulnerability-Being

Recently, there was a very significant security vulnerability known as Heartbleed.  Please read the information below to better inform yourself about the risks and how to protect yourself.

 

What is the Heartbleed vulnerability?

It is a weakness that was discovered on April 7th, 2014, that affects some web services that use SSL to encrypt communications.  In the time window between the vulnerability was discovered and remediated, a hacker might have taken advantage of this weakness to steal sensitive information from vulnerable servers.

Did this vulnerability affect UTPA servers?

Some web servers were affected by this vulnerability and we immediately responded to the threat.  None of our systems hosting student or employee data were at risk.

Why should I be concerned?

  • There could be web services that you are using from your computer or mobile device that may be or may have been vulnerable.
  • There are also phishing attempts from people taking advantage of the circumstances to attempt to steal your username and password.

What can I do to protect myself?

  • Change your passwords on the websites that you know were vulnerable and have dealt with the vulnerability.  Reference the related article below for resources that could help you identify sites that were or are still vulnerable.
  • Do not click on hyperlinks inside email messages telling you to click to change your username and password because of this vulnerability.
  • Use a different password for each website registration, use strong passwords and enable two-step verification for websites that support it.

 

Related Articles

Sans OUCH!  Heartbleed – Why Do I Care?

http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-2014-special_en.pdf

Below is a summary of the combined security bulletins for the month of April 2014. Computers that are joined to the UTPA domain will receive the applicable updates automatically on Thursday, April, at 11:00pm. If your computer is not a part of the UTPA domain or is not running Microsoft Windows, please make sure that it is configured to update automatically.

How to update your PC

How to update your Mac

Important notice to computers joined to the UTPA domain: The update distribution process has recently changed. On the day that the updates are distributed, your computer will present you with a notification (see screenshot below) giving you the choice to update your computer before the deadline of 11:00pm. This will allow people to be familiar with the updates that are being installed and it will also give the opportunity for installing the updates at your convenience (this way your machine is not forcefully restarted during the evening).

Software Update Installation Notification

 

 

Older Posts »