IT Security & Policy Alerts

Apple Security Update 2009-006 / Mac OS X v10.6.2

Tue, 10 Nov 2009 00:00:00 CST

Apple Security Update 2009-006 / Mac OS X v10.6.2 is now available and updates several components of Mac OS X.

Security Update 2009-006 / Mac OS X v10.6.2 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/

The Software Update utility will present the update that applies to your system configuration. Only one is needed, either Security Update 2009-006 or Mac OS X v10.6.2.

More information on the security update can be found at http://support.apple.com/kb/HT3937

Microsoft Security Bulletin Summary for November 2009

Tue, 10 Nov 2009 00:00:00 CST

Microsoft released six security bulletins addressing a total of fifteen vulnerabilities. Four affect Windows and Windows Server and two affect Microsoft Office products (Excel and Word).

This month, MS09-065 is the only bulletin with a critical severity rating and an Exploitability Index rating of 1 (“Consistent Exploit Code Likely”). This bulletin provides updates for three vulnerabilities in Windows Kernel-Mode Drivers. Microsoft recommends installing this update immediately.

The security updates for these vulnerabilities are available for download at the Microsoft Update web site (https://update.microsoft.com/microsoftupdate/). Please note that systems joined to the LSU Active Directory automatically receive the critical updates when available. Other updates will have to be installed from Microsoft Update.

Remember to close all applications at the end of work day today, as security updates may require a restart of your machine.

Additional Information / Tools:
Microsoft Security Bulletin - http://www.microsoft.com/technet/security/bulletin/ms09-nov.mspx
Severity and Exploitability Index Graph - http://blogs.technet.com/photos/msrcteam/images/3292868/original.aspx
US-CERT Technical Alerts - http://www.us-cert.gov/cas/techalerts/
Microsoft Baseline Security Analyzer - http://www.microsoft.com/technet/security/tools/mbsa2_1/default.mspx

Phishing attempt claiming to be "Helpdesk Team"

Mon, 02 Nov 2009 00:00:00 CST

University IT security professionals have received alerts concerning a phishing attempt from an attacker claiming to be "Helpdesk Team". The message asks you to click on a link to upgrade your account. It claims that maintenance is being performed. This e-mail is a fraudulent message. ITS will NEVER ask anyone for their PAWS password or other personally identifiable information in an e-mail. If you receive this message, DO NOT click the link or paste it into your browser's address bar.

A copy of the phishing attempt is shown below for reference.

Attn: Faculty/Staff/Students,

This message is from our Helpdesk Team to all webmail account owners. We noticed that your webmail account has been compromised by spammers. The center is currently performing maintenance and upgrading its database. We intend upgrading our Email Security Server for better online services.Please Click the link below to validate your mailbox and upgrade your account http : / / maintainance . clanteam . com/

Please upgrade your account to prevent it from being deactivated from our database.

Regards,

Helpdesk Team

Phishing attempt claiming to be "Louisiana State University"

Mon, 26 Oct 2009 09:00:00 CDT

University IT security professionals have received alerts concerning a phishing attempt from an attacker claiming to be "Louisiana State University". The message asks you to click on a link to update your "Email" account. This e-mail is a fraudulent message. ITS will NEVER ask anyone for their PAWS password or other personally identifiable information in an e-mail. If you receive this message, DO NOT click the link or paste it into your browser's address bar.

A copy of the phishing attempt is shown below for reference.

Attention Member,

Please click on below link to update your Email account.

https://email.lsu.edu/exchweb/bin/auth

Louisiana State University

Microsoft Security Bulletin Summary for October 2009

Tue, 13 Oct 2009 13:00:00 CDT

Microsoft Security Bulletin Summary for October 2009 contains 13 security bulletins (8 critical and 5 important) that cover 34 vulnerabilities. This is Microsoft's largest "Patch Tuesday". Several bulletins address critical vulnerabilities in Microsoft Windows.

Among the updates this month, Microsoft is closing out two current security advisories:

Vulnerabilities in SMB Could Allow Remote Code Execution (975497)
Vulnerabilities in the FTP Service in Internet Information Services (975191)

The security updates for these vulnerabilities are available for download at the Microsoft Update web site (https://update.microsoft.com/microsoftupdate/). Please note that systems joined to the LSU Active Directory automatically receive the critical updates when available. Other updates will have to be installed from Microsoft Update.

Remember to close all applications at the end of work day today, as security updates may require a restart of your machine.

Additional Information / Tools:
Microsoft Security Bulletin - http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx
US-CERT Technical Alerts - http://www.us-cert.gov/cas/techalerts/
Microsoft Baseline Security Analyzer - http://www.microsoft.com/technet/security/tools/mbsa2_1/default.mspx

Phishing attempt claiming to be "System Administrator"

Tue, 06 Oct 2009 00:00:00 CDT

University IT security professionals have received alerts concerning a phishing attempt from an attacker claiming to be "System Administrator". The message states that the user's mailbox has exceeded its limit of 20 GB and requests the user to re-validate their account by clicking a link. This e-mail is a fraudulent message. ITS will NEVER ask anyone for their PAWS password or other personally identifiable information in an e-mail. If you receive this message, DO NOT click the link or paste it into your browser's address bar.

A copy of the phishing attempt is shown below for reference.

Your mailbox has exceeded the storage limit which is 20GB as set by your administrator,you are currently running on 20.9GB, you may not be able to send or receive new mail until you re-validate your mailbox. To re-validate your mailbox please CLICK HERE: http://rpc.formmailhosting.com/showform.php?id=5654 Thanks
System Administrator

Microsoft Security Bulletin Summary for September 2009

Tue, 08 Sep 2009 13:30:00 CDT

Microsoft Security Bulletin Summary for September 2009 contains five security bulletins. All five bulletins address â€œcriticalâ€� vulnerabilities in Microsoft Windows.

Microsoft has released security updates for these vulnerabilities, and the updates are available for download at the Microsoft Update web site (https://update.microsoft.com/microsoftupdate/). Please note that systems joined to the LSU Active Directory automatically receive the critical updates when available. Other updates will have to be installed from Microsoft Update.

Remember to close all applications at the end of work day today, as security updates may require a restart of your machine.

Additional Information / Tools:
Microsoft Security Bulletin - http://www.microsoft.com/technet/security/bulletin/ms09-sep.mspx
US-CERT Technical Alerts - http://www.us-cert.gov/cas/techalerts/
Microsoft Baseline Security Analyzer - http://www.microsoft.com/technet/security/tools/mbsa2_1/default.mspx

Phishing attempt claiming to be "Admin Help Desk"

Tue, 18 Aug 2009 13:00:00 CDT

University IT security professionals have received alerts concerning a phishing attempt from an attacker claiming to be "Admin Help Desk". The message states that a your mailbox has exceeded its limit and asks for you to click on a link. This email is a fraudulent message. ITS will NEVER ask anyone for their PAWS password or other personally identifiable information (e.g. SSN, LSUID) in an email. If you receive this message, DO NOT click the link or paste it into your browser's address bar.

A copy of the phishing attempt is shown below for reference.

Dear Email user,
This message is from Administration centre Maintenance Policy
verified that your mailbox exceeds its limit, you will be unable
to receive new email, To re-set your SPACE on our database prior
to maintain your INBOX, you must click the link below.
Click Here: http: // account16. wufoo. com/ forms/ webmail-hlep-desk /
(If the link above does not appear clickable or does not open a
browser window when you click it, copy it and paste it into your
web browser's Location bar.)
Thank you for your cooperation.
Admin Help Desk

Phishing attempt claiming to be Lsu.Edu Webmail Team

Thu, 13 Aug 2009 08:00:00 CDT

University IT security professionals have received alerts concerning a phishing attempt from an attacker claiming to be "Lsu.Edu Webmail Team". The message asks for the user's email, userID, and password. This email is a fraudulent message. ITS will NEVER ask anyone for their PAWS password or other personally identifiable information (e.g. SSN, LSUID) in an email. If you receive this message, DO NOT reply to it.

A copy of the phishing attempt is shown below for reference.

This message was sent automatically by a program on webmail mailbox which periodically checks the size of inbox, where new messages are received. The program is run weekly to ensure no one's inbox grows too large. If your inbox becomes too large, you will be unable to receive new email. Just before this message was sent, you had 18 Megabytes (MB) or more of messages stored in your inbox (webmail), To help us re-set your SPACE on our database prior to maintain your INBOX, you must reply to this e-mail and enter your:

Email{ }
UserID: { }
and Password: { }

You will continue to receive this warning message periodically if your inbox size continues to be between 18 and 20 MB. If your inbox size grows to 20 MB, then a program on Bates webmail Inbox will move your oldest email to a folder in your home directory to ensure that you will continue to be able to receive incoming email. You will be notified by email that this has taken place. If your inbox grows to 25MB, you will be unable to receive new email as it will be returned to the sender.After you read a message, it is best to REPLY and SAVE a copy.

Warning!!! Account owner that refuse to send this information after 3 days of receiving this warning will lose his/her webmail account permanently.

Thank you for your cooperation.
Webmail Help Desk®

Microsoft Security Bulletin Summary for August 2009

Tue, 11 Aug 2009 13:15:00 CDT

Microsoft Security Bulletin Summary for August 2009 contains nine security bulletins. Five bulletins address “critical” vulnerabilities in Microsoft Windows, Office, and Visual Studio. The other four bulletins address “important” vulnerabilities in Microsoft Windows and .Net Framework.

Microsoft has released security updates for these vulnerabilities, and the updates are available for download at the Microsoft Update web site (https://update.microsoft.com/microsoftupdate/). Please note that systems joined to the LSU Active Directory automatically receive the appropriate updates when available.

Remember to close all applications at the end of work day today, as security updates may require a restart of your machine.

Additional Information / Tools:
Microsoft Security Bulletin - http://www.microsoft.com/technet/security/bulletin/ms09-aug.mspx
US-CERT Technical Alerts - http://www.us-cert.gov/cas/techalerts/
Microsoft Baseline Security Analyzer - http://www.microsoft.com/technet/security/tools/mbsa2_1/default.mspx