[1719] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, May 1, 2009
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Fri May 1 15:13:15 2009
Message-Id: <BC21292D-1A96-4CE6-9638-38255FFF92EB@MIT.EDU>
From: Monique Yeaton <myeaton@mit.edu>
To: ist-security-fyi@mit.edu
Mime-Version: 1.0 (Apple Message framework v930.3)
Date: Fri, 1 May 2009 15:06:35 -0400
Cc: itss@mit.edu
Content-Type: multipart/mixed; boundary="===============1193956847=="
Errors-To: ist-security-fyi-bounces@mit.edu
--===============1193956847==
Content-Type: multipart/alternative; boundary=Apple-Mail-22-904590772
--Apple-Mail-22-904590772
Content-Type: text/plain;
charset=US-ASCII;
format=flowed;
delsp=yes
Content-Transfer-Encoding: 7bit
NOTE:
Newsletter Archive: This newsletter is now being archived in the
Hermes knowledge base. To find older issues of this newsletter, you
can now go here: <http://kb.mit.edu/confluence/x/ehBB>
In this issue:
1. Recent Security Updates
2. Fighting Spam at MIT Just Got Better
3. Minimizing Risk When Downloading
--------------------------------------
1. Recent Security Updates
--------------------------------------
---- Microsoft ----
Microsoft released the 2007 Microsoft Office Suite Service Pack 2
(SP2) which provides the latest updates to the 2007 Office suite.
Updates include previously unreleased fixes that were made
specifically for this service pack and all of the public updates,
security updates, cumulative updates, and hot fixes released through
February 2009.
Supported Systems:
Windows Server 2003 Service Pack 2
Windows Server 2008
Windows Vista Service Pack 1
Windows XP Service Pack 3
It can be downloaded from this page <http://www.microsoft.com/downloads/details.aspx?FamilyID=b444bf18-79ea-46c6-8a81-9db49b4ab6e5&displaylang=en
> or through the Windows software update service on your computer.
---- Mozilla ----
Firefox 3.0.10 was released by Mozilla. This update fixes two security
bugs in the 3.0.9 version of the browser. It can be downloaded from
the Firefox page here:
<http://www.mozilla.com/en-US/firefox/firefox.html> or through the
update service within the browser.
-------------------------------------------------------
2. Fighting Spam at MIT Just Got Better
-------------------------------------------------------
Although by late last year the amount of spam being sent worldwide
decreased significantly after the McColo shut down episode [Wikipedia
article: http://en.wikipedia.org/wiki/McColo], it appears that now
spam numbers have risen back to almost pre-McColo levels.
IS&T at MIT has addressed the problem by providing a new tool to catch
spam called Symantec Spam Quarantine. The spam screening service that
was already in place will be phased out over the summer of 2009 and
users are now recommended to begin using the new Spam Quarantine
service.
Curious to see how well this service works, I signed up and have not
been disappointed. After about a week of using the service, literally
NO spam has bypassed the filter and made it into my in box. In the
beginning some spam still made it through, but after a few days that
fixed itself. Each morning I receive an email from the service showing
me a list of every email that was pushed into quarantine. If a
legitimate email gets caught in quarantine, you can release it and the
sender will be added to your permitted list.
At the moment there is no easy way to move your previously created
"allowed" list to the new service. I simply copied and pasted mine,
which you can do in bulk, but you must make sure to add commas between
the addresses.
You can enable Symantec Spam Quarantine here: <https://nic-too.mit.edu/cgi-bin/spamscreen
>.
Once signed up, your old spamscreen folder will no longer be catching
spam and all spam will go into the quarantine. For additional
information on the service please see:
<http://web.mit.edu/ist/topics/email/nospam/spamquarantine.html>
If you have any comments or questions about the service, you can send
them to <bowser@mit.edu>.
-----------------------------------------------------
3. Minimizing Risk When Downloading
-----------------------------------------------------
Getting malware installed on a computer is easy enough without doing
it intentionally. Often when you've gotten infected from visiting the
Internet, the solutions you find online are ones that might infect
your computer even further (see my article two weeks ago on
"Scareware" which talks about how users get duped into downloading
what they think is a cure for their infected computer but then creates
more problems).
The article posted below talks about one approach that will reduce the
risk when downloading unknown software from the Internet.
Read the article here:
<http://blogs.techrepublic.com.com/networking/?p=801>
NOTE: Generally, we recommend to NOT download any unknown software
from the Internet, especially onto a business machine or a machine
containing sensitive data. But if you need to do this for instance on
a home computer, the author's point about taking the extra time to do
substantial research online about products BEFORE you download them,
is a good one.
=========================
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://web.mit.edu/ist/security
---------------------------------------
Important: DO NOT GIVE OUT YOUR PASSWORDS!
Ignore emails asking you to provide yours. IS&T will *NEVER* ask you
for your password.
--Apple-Mail-22-904590772
Content-Type: text/html;
charset=US-ASCII
Content-Transfer-Encoding: quoted-printable
<html><body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; =
-webkit-line-break: after-white-space; "><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
">NOTE: </div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Calibri; ">Newsletter Archive: This newsletter is now being =
archived in the Hermes knowledge base. To find older issues of this =
newsletter, you can now go here: <<a =
href=3D"http://kb.mit.edu/confluence/x/ehBB">http://kb.mit.edu/confluence/=
x/ehBB</a>></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Calibri; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; ">In =
this issue:</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Calibri; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; ">1. =
Recent Security Updates</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; ">2. Fighting Spam at MIT Just Got =
Better</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Calibri; ">3. Minimizing Risk When Downloading</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
">--------------------------------------</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Calibri; ">1. Recent Security =
Updates</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Calibri; ">--------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; "> ---- Microsoft ----</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; ">Microsoft released the 2007 =
Microsoft Office Suite Service Pack 2 (SP2) which provides the latest =
updates to the 2007 Office suite. Updates include previously unreleased =
fixes that were made specifically for this service pack and all of the =
public updates, security updates, cumulative updates, and hot fixes =
released through February 2009.</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
">Supported Systems:</div><div style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Calibri; min-height: 17px; "><br></div>
<ul style=3D"list-style-type: disc">
<li style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px =
Calibri">Windows Server 2003 Service Pack 2</li>
<li style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px =
Calibri">Windows Server 2008</li>
<li style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px =
Calibri">Windows Vista Service Pack 1</li>
<li style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px =
Calibri">Windows XP Service Pack 3</li>
</ul><div style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: =
0px; margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; ">It can be downloaded from this page =
<<a =
href=3D"http://www.microsoft.com/downloads/details.aspx?FamilyID=3Db444bf1=
8-79ea-46c6-8a81-9db49b4ab6e5&displaylang=3Den">http://www.microsoft.c=
om/downloads/details.aspx?FamilyID=3Db444bf18-79ea-46c6-8a81-9db49b4ab6e5&=
amp;displaylang=3Den</a>> or through the Windows software update =
service on your computer.</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
"> ---- Mozilla ----</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
">Firefox 3.0.10 was released by Mozilla. This update fixes two security =
bugs in the 3.0.9 version of the browser. It can be downloaded from the =
Firefox page here:</div><div style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Calibri; "><<a =
href=3D"http://www.mozilla.com/en-US/firefox/firefox.html">http://www.mozi=
lla.com/en-US/firefox/firefox.html</a>> or through the update service =
within the browser.</div><div style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Calibri; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; =
">-------------------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; ">2. =
Fighting Spam at MIT Just Got Better</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; =
">-------------------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; ">Although by late last year the =
amount of spam being sent worldwide decreased significantly after the =
McColo shut down episode [Wikipedia article: <a =
href=3D"http://en.wikipedia.org/wiki/McColo">http://en.wikipedia.org/wiki/=
McColo</a>], it appears that now spam numbers have risen back to almost =
pre-McColo levels.</div><div style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Calibri; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
">IS&T at MIT has addressed the problem by providing a new tool to =
catch spam called Symantec Spam Quarantine. The spam screening service =
that was already in place will be phased out over the summer of 2009 and =
users are now recommended to begin using the new Spam Quarantine =
service.</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Calibri; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
">Curious to see how well this service works, I signed up and have not =
been disappointed. After about a week of using the service, literally NO =
spam has bypassed the filter and made it into my in box. In the =
beginning some spam still made it through, but after a few days that =
fixed itself. Each morning I receive an email from the service showing =
me a list of every email that was pushed into quarantine. If a =
legitimate email gets caught in quarantine, you can release it and the =
sender will be added to your permitted list.</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; ">At the moment there is no easy way =
to move your previously created "allowed" list to the new service. I =
simply copied and pasted mine, which you can do in bulk, but you must =
make sure to add commas between the addresses.</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; ">You can enable Symantec Spam =
Quarantine here: <<a =
href=3D"https://nic-too.mit.edu/cgi-bin/spamscreen">https://nic-too.mit.ed=
u/cgi-bin/spamscreen</a>>.</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; ">Once =
signed up, your old spamscreen folder will no longer be catching spam =
and all spam will go into the quarantine. For additional information on =
the service please see:</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; "><<a =
href=3D"http://web.mit.edu/ist/topics/email/nospam/spamquarantine.html">ht=
tp://web.mit.edu/ist/topics/email/nospam/spamquarantine.html</a>></div>=
<div style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; ">If you have any comments or =
questions about the service, you can send them to <<a =
href=3D"mailto:bowser@mit.edu">bowser@mit.edu</a>>.</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
">-----------------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; ">3. =
Minimizing Risk When Downloading</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; =
">-----------------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; ">Getting malware installed on a =
computer is easy enough without doing it intentionally. Often when =
you've gotten infected from visiting the Internet, the solutions you =
find online are ones that might infect your computer even further (see =
my article two weeks ago on "Scareware" which talks about how users get =
duped into downloading what they think is a cure for their infected =
computer but then creates more problems). </div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; ">The article posted below talks =
about one approach that will reduce the risk when downloading unknown =
software from the Internet. </div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; ">Read =
the article here:</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Calibri; "><<a =
href=3D"http://blogs.techrepublic.com.com/networking/?p=3D801">http://blog=
s.techrepublic.com.com/networking/?p=3D801</a>></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Calibri; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Calibri; ">NOTE: Generally, we recommend to =
NOT download any unknown software from the Internet, especially onto a =
business machine or a machine containing sensitive data. But if you need =
to do this for instance on a home computer, the author's point about =
taking the extra time to do substantial research online about products =
BEFORE you download them, is a good one.</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Calibri; min-height: 17px; =
"><br></div><div apple-content-edited=3D"true"><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; color: =
rgb(0, 0, 0); font-family: Calibri; font-size: 14px; font-style: normal; =
font-variant: normal; font-weight: normal; letter-spacing: normal; =
line-height: normal; orphans: 2; text-align: auto; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; =
"><div><div><div><div><div><div><div><div><div><div><div><div><br></div><d=
iv>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D</div><div>Monique Yeaton</div><div>IT Security Awareness =
Consultant</div><div>MIT Information Services & Technology =
(IS&T)</div><div>(617) 253-2715</div><div><a =
href=3D"http://web.mit.edu/ist/security">http://web.mit.edu/ist/security</=
a></div></div><div><br></div><div>---------------------------------------<=
/div><div><div>Important: DO NOT GIVE OUT YOUR =
PASSWORDS! </div><div>Ignore emails asking you to provide yours. =
IS&T will *NEVER* ask you for your =
password. </div></div></div></div></div></div></div></div></div></div=
></div></div></div></span> </div><br></body></html>=
--Apple-Mail-22-904590772--
--===============1193956847==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============1193956847==--
