Security Bulletin June 2012

In light of the regularity of malware incidents, we have another security bulletin about Java and Windows Update.

Our security team have now seen machines on campus and on the readingConnect network running Java version 1.6.0_31 being compromised via a “Scalaxy” exploit kit. It’s only a matter of time before the exploit appears in other, more prevalent kits.

Java needs to be 1.6.0_33 or 1.7.0_5 (released on Patch Tuesday, 12 June) to be safe. IT Services automated script will now also upgrade Java 1.7.0_x if required, should you need this, please contact IT Services.

This month’s Patch Tuesday Microsoft updates included a fix for a Remote Desktop (RDP) exploit that could again be potentially used for a worm. People with RDP enabled on their PCs or Terminal Servers need to be patched as soon as possible.

There were also fixes for Internet Explorer that are being actively exploited. We have seen one attempt to exploit another IE vulnerability that has not been patched yet, but for which exploit code has been published.

 

Sophos antivirus upgrade

On Tuesday 27 March,  ITS completed an overhaul of the Sophos infrastructure to bring us up to the latest protection they have to offer.

The primary reason was to begin deployment of the new version 10 of Sophos for Windows, which adds a level of network protection not possible with version 9. This is in order to protect against emerging threats as we have been advised by Sophos.

Sophos 10 for Windows will be deployed gradually over the coming month with no user action required. The most obvious change that you will see is the icon on the task bar will change from

 

 

To

 

 

Summary of changes:

  • Protection is offered at the network driver level rather than only in common web browsers.
  • Sophos can now assess if a PC is missing any Microsoft/Adobe/Java/Apple etc. patches.
  • Servers running Sophos now operate with a “long term support” version (fewer reboots for upgrades).
  • Faster updates with better resource usage (assuming Windows Vista or later).

 

Scam emails warning

There has been an attempt today, 25 January, to trap people into giving out their login details for University of Reading IT systems. Should you receive an email with the subject line ‘Attention: Staff/Students’ simply delete it.

Do not open it. Do not click on any links in it. Continue reading