ACC Mail ACC ACC Homepage
About ACCACC NewsFaculty Services IndexStudent Services IndexACC User DocumentationACC Computing PoliciesRecommended Systems and Purchase informationComputer Support Services
 

Security Bulletin
of November 16, 2006

Overview
Who is Affected

Recommended Actions

Administrative Users
Academic and All Home Windows Users
Academic and All Home Macintosh Users
Tips for Safer Computing
Further Assistance

Other Bulletins
Recent CERT Alerts

ADMINISTRATIVE Staff: If you use a computer at HOME, please read on.

STUDENTS, FACULTY, ADMINISTRATIVE STAFF, ACADEMIC STAFF AND ALL HOME USERS must follow the recommendations below.

I. OVERVIEW

Serious security holes have been identified in Microsoft Windows and Internet Explorer. In addition, serious security holes exist for campus Windows VPN users (Windows users who use campus wireless, or connect to hcvpn from home), which requires VPN users to upgrade upgrade their VPN client software.

Many of these threats could allow a remote user to take over your computer. Please secure your Windows computer as instructed below.

In addition, Microsoft has released Internet Explorer 7.0 and you may be asked if you wish to upgrade. Information about the upgrade is below.

II. WHO IS AFFECTED?

All Windows systems are affected. Although Macintosh systems are not included in this alert, Macintosh users should follow the steps below to confirm they are current with OS and Virus updates.

III. RECOMMENDED ACTION - ADMINISTRATIVE USERS ON CAMPUS

Administrative Computing will upgrade systems in Administrative Offices, but you must upgrade your home systems. Please follow the recommended actions for Window or Macintosh home systems.

IV. RECOMMENDED ACTION - STUDENTS, FACULTY, ACADEMIC STAFF, and ALL HOME WNDOWS COMPUTER USERS

  1. Install all Windows critical updates. Open INTERNET EXPLORER and go to http://update.microsoft.com/
    1. If you get a message to "Install Microsoft Update today", follow the instructions on your screen to do so.
    2. Make sure you install all "required" updates. One or more reboots may be required.
    3. As part of the upgrade process, you may be asked if you want to update to Internet Explorer 7 (IE 7). We recommend you upgrade, as IE 7 offers some improved security and usability options. However, you should be aware that IE 7 has some significant technical changes from earlier versions. As a result, you may have trouble accessing some web sites, until those web sites revise their pages to work with this new version.
  2. If you have not yet done so, set your computer to automatically download new Microsoft updates.
  3. Upgrade your VPN client, if you have one. For instructions and downloads go to http://www.haverford.edu/acc/docs/network/VPN/installclient.htm#winxp
  4. If you have not yet done so, install Windows Defender from http://www.microsoft.com/athome/security/spyware/software/
    This free program from Microsoft that helps protect your computer against pop-ups, slow performance and security threats caused by spyware and other potentially unwanted software.
  5. New versions of our McAfee anti-virus software were made available late August. If you have not yet done so, follow the directions at http://www.haverford.edu/acc/virus/xpantivirus.html to install VirusScan 8.

V. RECOMMENDED ACTION - STUDENTS, FACULTY, ACADEMIC STAFF, and ALL HOME MACINTOSH COMPUTER USERS

Although Macintosh systems are not included in this alert, Macintosh users should confirm they are current with OS and Virus updates by following the instructions below.

  1. Install all Macintosh OS critical updates.
    1. Under the Apple Menu select System Preferences.
    2. Double-click on Software Update.
    3. Check the option to Automatically check for updates weekly.
    4. Run Check Now
    5. Install required updates and reboot if prompted.
    6. Repeat steps above until all needed updates are installed.
  2. If you have not yet done so, set your computer to automatically download new Mac updates.
  3. Install all Office critical updates. Navigate to http://www.microsoft.com/mac/downloads.aspx and install the updates appropriate to your version of Office.
  4. New versions of our McAfee antivirus software were made available late August. If you have not yet installed the current versions, following the directions at http://www.haverford.edu/acc/virus/macantivirus.html.
  5. Confirm that you have the most recent virus definitions.
    1. Double-click on the Virex icon.
    2. Click on the eUpdate button.

VI. PRACTICE SAFER COMPUTING ALL THE TIME

Always follow the guidelines to Protect Your Computer at http://www.haverford.edu/acc/protect/.

VII. FOR FURTHER ASSISTANCE

Students, faculty and academic staff please contact Academic Computing:
Telephone: 610-896-1480
Email: helpdesk@haverford.edu
Web: http://www.haverford.edu/acc/helpdesk/
In Person: Stokes 204 9am to 5pm, Monday through Friday and until 9am to 9pm on Tuesdays.

Administrative staff please contact Administrative Computing:
Telephone: 610-896-1355
Email: admincc@haverford.edu

VI. MORE INFORMATION

Additional information about computer security and current threats can be found at the following sites:

United States Computer Emergency Readiness Team (US-CERT )
<http://www.us-cert.gov/nav/nt01/>
McAfee Avert Threat Center
<http://www.mcafee.com/us/threat_center/default.asp>
Microsoft Security
<http://www.microsoft.com/security/>
Apple Product Security
<http://www.apple.com/support/security/>

For Questions and Comments, contact Haverford College's Academic Computing Center.
Last updated on November 16, 2006

HC HomeCampus DirectoryHaverford College Library ResourcesHaverford College Web Search EngineAcademic DepartmentsACC Home