[3508] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, February 19, 2013
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Tue Feb 19 14:18:53 2013
Resent-From: ist-security-fyi@mit.edu
From: Monique Yeaton <myeaton@mit.edu>
To: ist-security-fyi <ist-security-fyi@mit.edu>
Date: Tue, 19 Feb 2013 19:17:37 +0000
Message-ID: <3ACED3B2A8CEFB4598A845F07FD4A05F25272F47@W92EXPO24.exchange.mit.edu>
Content-Language: en-US
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============0838033780=="
Errors-To: ist-security-fyi-bounces@mit.edu
--===============0838033780==
Content-Language: en-US
Content-Type: multipart/alternative;
boundary="_000_3ACED3B2A8CEFB4598A845F07FD4A05F25272F47W92EXPO24exchan_"
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F25272F47W92EXPO24exchan_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
In this issue:
1. Adobe Updates Various Plug-Ins
2. McAfee's Code-Signing Problem with Mac OS X
3. How To Verify the Source of an Email
-----------------------------------------------
1. Adobe Updates Various Plug-Ins
-----------------------------------------------
Adobe has released updates to address multiple vulnerabilities in both Wind=
ows and Mac platforms.
Systems affected:
* Adobe Flash Player 11.5 and earlier
* Adobe AIR 3.5 and earlier
* Adobe Shockwave Player 11.6 and earlier
Adobe recommends that users of these products apply the updates. A remote u=
nauthenticated attacker could execute arbitrary code, cause a denial of ser=
vice, or gain unauthorized access to your files or system.
To verify the version of Adobe Flash Player installed on your system, acces=
s the About Flash Player page<http://www.adobe.com/software/flash/about/>. =
Do this for each browser you use. Google Chrome automatically updates when =
new versions of Flash Player are available.
See the full security bulletins regarding Adobe Flash Player<https://www.ad=
obe.com/support/security/bulletins/apsb13-05.html> and Adobe Shockwave Play=
er<https://www.adobe.com/support/security/bulletins/apsb13-06.html> for mor=
e details and how to update to the newest versions.
-----------------------------------------------------------------
2. McAfee's Code-Signing Problem with Mac OS X
-----------------------------------------------------------------
Last week, McAfee accidentally revoked the digital key<http://arstechnica.c=
om/security/2013/02/a-world-of-hurt-after-mcafee-mistakenly-revokes-key-for=
-signing-mac-apps/> the company uses to certify applications that run on Ap=
ple's Mac OS X platform. The incident caused problems for customers who wan=
ted to install or upgrade their Mac antivirus products.
If you have been attempting to install or upgrade McAfee Security for Mac, =
you may have noticed that the application was blocked from running on the s=
ystem. Temporarily disabling Gatekeeper did not allow installation to proce=
ed.
Luckily, McAfee engineers resolved the issue and have provided an updated b=
inary of McAfee Security 1.2 for Mac. The new installer is available on the=
IS&T Software Grid<http://ist.mit.edu/software-hardware?type=3D16>.
The latest information on the issue is posted here<http://kb.mit.edu/conflu=
ence/x/7qgBCQ>.
-----------------------------------------------------
3. How To Verify the Source of an Email
-----------------------------------------------------
If you are ever in doubt whether an email you received originated from the =
place it claims to be from, try this: verify the information by reading the=
full headers of an email.
Email headers (also called "full headers<http://kb.mit.edu/confluence/displ=
ay/istcontrib/Forwarding+Full+Mail+Headers>") are the details that show the=
path the message took to reach your inbox. Details such as dates, times, m=
ail servers it passed through and even the originating email address are in=
cluded.
I am sure you have seen questionable emails that claim to come from the MIT=
Email Team or a System Administration team in IS&T. You have also likely r=
eceived many emails that claim to come from a business, such as Fed Ex or a=
bank. Sometimes they can really fool you; even the "from" address makes it=
look like these emails are legitimate.
But wait! Before clicking on any links within these emails or replying to t=
he sender, check the header. This article<http://kb.mit.edu/confluence/disp=
lay/istcontrib/How+to+verify+if+an+email+originated+from+someone+at+MIT> sh=
ows you how easy it is to find out who the real sender of an email is by re=
ading the information contained within the header.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D
Read all Security FYI Newsletter articles and submit comments online at htt=
p://securityfyi.wordpress.com/.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F25272F47W92EXPO24exchan_
Content-Type: text/html; charset="us-ascii"
Content-ID: <96A1CD49FBEBFB4EBD3C85E92D20A022@exchange.mit.edu>
Content-Transfer-Encoding: quoted-printable
<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
</head>
<body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-lin=
e-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-fami=
ly: Garamond, sans-serif; ">
<div>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; ">In thi=
s issue:</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">1. Adobe Updates Various=
Plug-Ins</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">2. McAfee's Code-Signing=
Problem with Mac OS X</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">3. How To Verify the Sou=
rce of an Email</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
-----------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">1. Adobe Updates Various=
Plug-Ins</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
-----------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Adobe has released updat=
es to address multiple vulnerabilities in both Windows and Mac platforms.&n=
bsp;</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Systems affected:</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<ul>
<li style=3D"margin: 0px; font-family: Helvetica; ">Adobe Flash Player 11.5=
and earlier
</li><li style=3D"margin: 0px; font-family: Helvetica; ">Adobe AIR 3.5 and =
earlier </li><li style=3D"margin: 0px; font-family: Helvetica; ">Adobe Shoc=
kwave Player 11.6 and earlier
</li></ul>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Adobe recommends that us=
ers of these products apply the updates. A remote unauthenticated attacker =
could execute arbitrary code, cause a denial of service, or gain unauthoriz=
ed access to your files or system. </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">To verify the version of=
Adobe Flash Player installed on your system, access the
<a href=3D"http://www.adobe.com/software/flash/about/">About Flash Player p=
age</a>. Do this for each browser you use. Google Chrome automatically upda=
tes when new versions of Flash Player are available.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">See the full security bu=
lletins regarding
<a href=3D"https://www.adobe.com/support/security/bulletins/apsb13-05.html"=
>Adobe Flash Player</a> and
<a href=3D"https://www.adobe.com/support/security/bulletins/apsb13-06.html"=
>Adobe Shockwave Player</a> for more details and how to update to the newes=
t versions.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
-----------------------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">2. McAfee's Code-Signing=
Problem with Mac OS X</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
-----------------------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Last week, <a href=3D"ht=
tp://arstechnica.com/security/2013/02/a-world-of-hurt-after-mcafee-mistaken=
ly-revokes-key-for-signing-mac-apps/">
McAfee accidentally revoked the digital key</a> the company uses to certify=
applications that run on Apple's Mac OS X platform. The incident caused pr=
oblems for customers who wanted to install or upgrade their Mac antivirus p=
roducts.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">If you have been attempt=
ing to install or upgrade McAfee Security for Mac, you may have noticed tha=
t the application was blocked from running on the system. Temporarily disab=
ling Gatekeeper did not allow installation
to proceed. </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Luckily, McAfee engineer=
s resolved the issue and have provided an updated binary of McAfee Security=
1.2 for Mac. The new installer is available on the
<a href=3D"http://ist.mit.edu/software-hardware?type=3D16">IS&T Softwar=
e Grid</a>. </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; "><a href=3D"http://kb.mit=
.edu/confluence/x/7qgBCQ">The latest information on the issue is posted her=
e</a>.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
-----------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">3. How To Verify the Sou=
rce of an Email</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
-----------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">If you are ever in doubt=
whether an email you received originated from the place it claims to be fr=
om, try this: verify the information by reading the full headers of an emai=
l. </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Email headers (also call=
ed "<a href=3D"http://kb.mit.edu/confluence/display/istcontrib/Forward=
ing+Full+Mail+Headers">full headers</a>") are the details =
that show the path the message took to reach your inbox. Details
such as dates, times, mail servers it passed through and even the originat=
ing email address are included. </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">I am sure you have seen =
questionable emails that claim to come from the MIT Email Team or a System =
Administration team in IS&T. You have also likely received many emails =
that claim to come from a business, such
as Fed Ex or a bank. Sometimes they can really fool you; even the "fr=
om" address makes it look like these emails are legitimate.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">But wait! Before clickin=
g on any links within these emails or replying to the sender, check the hea=
der.
<a href=3D"http://kb.mit.edu/confluence/display/istcontrib/How+to+v=
erify+if+an+email+originated+from+someone+at=
3;MIT">
This article</a> shows you how easy it is to find out who the real sender o=
f an email is by reading the information contained within the header.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Arial; ">=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p=
>
<p style=3D"margin: 0px; font-family: Arial; ">Read all Security FYI Newsle=
tter articles and submit comments online at
<a href=3D"http://securityfyi.wordpress.com/">http://securityfyi.wordpress.=
com/</a>.</p>
<p style=3D"margin: 0px; font-family: Arial; ">=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p=
>
<p style=3D"margin: 0px; font-family: Arial; min-height: 16px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
</div>
<div><span class=3D"Apple-style-span" style=3D"border-collapse: separate; f=
ont-family: Calibri; font-size: medium; border-spacing: 0px; "><span class=
=3D"Apple-style-span" style=3D"border-collapse: separate; border-spacing: 0=
px; font-family: Helvetica; font-size: 14px; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; border=
-spacing: 0px; "><span class=3D"Apple-style-span" style=3D"border-collapse:=
separate; border-spacing: 0px; "><span class=3D"Apple-style-span" style=3D=
"border-collapse: separate; border-spacing: 0px; "><span class=3D"Apple-sty=
le-span" style=3D"border-collapse: separate; border-spacing: 0px; "><span c=
lass=3D"Apple-style-span" style=3D"border-collapse: separate; border-spacin=
g: 0px; "><span class=3D"Apple-style-span" style=3D"border-collapse: separa=
te; border-spacing: 0px; font-size: 12px; ">
<div>Monique Yeaton</div>
<div>IT Security Communications Consultant</div>
<div>MIT Information Services & Technology (IS&T)</div>
<div>(617) 253-2715</div>
<div>http://ist.mit.edu/security</div>
<div><br class=3D"khtml-block-placeholder">
</div>
<br class=3D"Apple-interchange-newline">
</span></span></span></span></span></span></div>
</span></span></div>
</body>
</html>
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F25272F47W92EXPO24exchan_--
--===============0838033780==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============0838033780==--
