ACC Mail ACC ACC Homepage
About ACCACC NewsFaculty Services IndexStudent Services IndexACC User DocumentationACC Computing PoliciesRecommended Systems and Purchase informationComputer Support Services
 

Security Bulletin Summary February 15, 2006

Windows Security Advisory
Overview
Who is Affected

Recommended Actions

Administrative Users
Academic PC Users
All Home PC Users
Academic Mac Users

Further Assistance

Other Bulletins

ADMINISTRATIVE Staff: If you use a computer at HOME, please read on.

STUDENTS, FACULTY, ADMINISTRATIVE STAFF, ACADEMIC STAFF AND ALL HOME USERS must follow the recommendations below.

I. OVERVIEW

Security flaws have been found in all versions of Windows, Windows Media Player, and Internet explorer. Microsoft has released critical updates to address this problem.

II. WHO IS AFFECTED?

All Windows computers may be affected by this vulnerability. Macintosh users are not affected.

III. RECOMMENDED ACTION - ADMINISTRATIVE USERS ON CAMPUS

Administrative computing will update your office computers. Please follow the recommended action for home systems.

IV. RECOMMENDED ACTION - ACADEMIC WINDOWS USERS and ALL HOME USERS

You must install all necessary Windows critical updates, including those released February 14. The best way to apply these updates is to open INTERNET EXPLORER and go to http://windowsupdate.microsoft.com/
(Note: You must use Internet Explorer; other browsers, such as Netscape and FireFox, will not work.) Follow the instructions to scan for updates and install all **critical** updates identified (recommended updates and driver updates are not necessary).

If you install an upgrade to Windows Media Player after applying these critical upgrades, you need to reapply updates from http://windowsupdate.microsoft.com/.

If your computer is not automatically updating, see http://www.haverford.edu/acc/docs/general/osupdates.html for instructions on how to set up your computer to automatically notify you and install Microsoft updates as they are released.

V. RECOMMENDED ACTION - ACADEMIC MAC USERS

Macintosh users are not affected by this threat.

However, Macintosh users must also be sure to get all critical operating system updates and Office updates. Look for the Software Update tool in your Control Panel (OS 9) or in System Preferences (OS X) for operating system updates. For detailed instructions see http://www.haverford.edu/acc/docs/general/osupdates.html.

For information and downloads of current anti-virus software, go to http://www.haverford.edu/acc/virus/macantivirus.html

VI. FOR FURTHER ASSISTANCE

Students, faculty and academic staff please contact Academic Computing:
Telephone: 610-896-1480
Email: compctr@haverford.edu
Web: http://www.haverford.edu/acc/helpdesk/
In Person: Stokes 204 9am to 5pm, Monday through Friday and until 9am to 9pm on Tuesdays.

Administrative staff please contact Administrative Computing:
Telephone: 610-896-1355
Email: admincc@haverford.edu

VII. MORE INFORMATION

For additional information on this threat, please refer to the following web sites:

* Microsoft Security Bulletin Summary for February 2006 -
<http://www.microsoft.com/technet/security/bulletin/ms06-feb.mspx>

* US-CERT Vulnerability Note VU#312956 -
<http://www.kb.cert.org/vuls/id/312956>

* US-CERT Vulnerability Note VU#291396 -
<http://www.kb.cert.org/vuls/id/291396>

* US-CERT Vulnerability Note VU#692060 -
<http://www.kb.cert.org/vuls/id/692060>

* US-CERT Vulnerability Note VU#839284 -
<http://www.kb.cert.org/vuls/id/839284>

* CVE-2006-0020 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0020>

* CVE-2006-0006 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0006>

* CVE-2006-0005 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0005>

* CVE-2006-0021 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0021>

For Questions and Comments, contact Haverford College's Academic Computing Center.
Last updated on February 15, 2006

HC HomeCampus DirectoryHaverford College Library ResourcesHaverford College Web Search EngineAcademic DepartmentsACC Home