Security Bulletin Summary May 2, 2006

Overview
Who is Affected

Recommended Actions

Administrative Users
Academic and All Home Windows Users
Academic and All Home Macintosh Users
Tips for Safer Computing
Further Assistance

Other Bulletins
Recent CERT Alerts

ADMINISTRATIVE Staff: If you use a computer at HOME, please read on.

STUDENTS, FACULTY, ADMINISTRATIVE STAFF, ACADEMIC STAFF AND ALL HOME USERS must follow the recommendations below.

I. OVERVIEW

During the Spring 2006 semester, a number of critical computer vulnerabilities were discovered. These have been addresses through a mix of software patches and software updates. Make sure that your system is properly secured for the summer.

II. WHO IS AFFECTED?

All systems are vulnerable to at least some serious security threats.

III. RECOMMENDED ACTION - ADMINISTRATIVE USERS ON CAMPUS

Administrative Computing will upgrade systems in Administrative Offices, but you must upgrade your home systems. Please follow the recommended actions for Window or Macintosh home systems.

IV. RECOMMENDED ACTION - STUDENTS, FACULTY, ACADEMIC STAFF, and ALL HOME WNDOWS COMPUTER USERS

1. Install all Windows critical updates. Open INTERNET EXPLORER and go to http://windowsupdate.microsoft.com/
2. Install all Office critical updates. Open INTERNET EXPLORER and navigate to http://office.microsoft.com/officeupdate
3. Install the latest version of Flash Player on your computer from http://www.macromedia.com/go/getflashplayer/
4. Upgrade to the latest version of Mozilla Firefox at http://www.mozilla.com/firefox.
5. Install Windows Defender,--a free program from Microsoft that helps protect your computer against pop-ups, slow performance and security threats caused by spyware and other potentially unwanted software
6. Confirm that you have the most recent virus definitions.
   1. From the Start Menu, go to Programs, Network Associates and VirusScan Console.
   2. Highlight AutoUpdate.
   3. Click on the green arrow button on the menu bar.

V. RECOMMENDED ACTION - STUDENTS, FACULTY, ACADEMIC STAFF, and ALL HOME MACINTOSH COMPUTER USERS

1. Install all Macintosh OS critical updates.
   1. Under the Apple Menu select System Preferences.
   2. Double-click on Software Update.
   3. Check the option to Automatically check for updates weekly.
   4. Run Check Now
2. Install all Office critical updates. Navigate to http://www.microsoft.com/mac/downloads.aspx and install the updates appropriate to your version of Office.
3. Install the latest version of Flash Player on your computer from http://www.macromedia.com/go/getflashplayer/
4. Upgrade to the latest version of Mozilla Firefox at http://www.mozilla.com/firefox.
5. Confirm that you have the most recent virus definitions.
   1. Double-click on the Virex icon.
   2. Click on the eUpdate button.

VI. PRACTICE SAFER COMPUTING ALL THE TIME

Always follow the guidelines to Protect Your Computer at http://www.haverford.edu/acc/protect/.

VII. FOR FURTHER ASSISTANCE

Students, faculty and academic staff please contact Academic Computing:
Telephone: 610-896-1480
Email: compctr@haverford.edu
Web: http://www.haverford.edu/acc/helpdesk/
In Person: Stokes 204 9am to 5pm, Monday through Friday and until 9am to 9pm on Tuesdays.

Administrative staff please contact Administrative Computing:
Telephone: 610-896-1355
Email: admincc@haverford.edu

VI. MORE INFORMATION

Additional information about computer security and current threats can be found at the following sites:

United States Computer Emergency Readiness Team (US-CERT )

<http://www.us-cert.gov/nav/nt01/>

McAfee Avert Threat Center

<http://www.mcafee.com/us/threat_center/default.asp>

Microsoft Security

<http://www.microsoft.com/security/>

Apple Product Security

<http://www.apple.com/support/security/>