Notices
NSC-050210: Critical Security Updates
Microsoft released a large number of security patches for their software
on Tuesday, eight of which are rated "critical" importance. There have
since been reports of "exploits" (malicious code) already released on the
Internet which can attack and compromise machines which do not have the
newest patches applied.
Please ensure that IT support and/or computer users in your area apply the
available security patches to all Windows computers as soon as possible, to
prevent a compromise situation. Users can do a "Windows Update" to
self-check that they have all relevant patches applied to their systems.
It's almost certain that we will continue to see critical security patches
released by Microsoft on "Patch Tuesday" in
the future. If your department/unit does not yet have automated
processes implemented for managing Windows desktops, you should consider
using the Enterprise Client Management service to assist with the
efficient management of department machines. See
http://spa.its.uiowa.edu/ecm/ The service is available for departments
without dedicated IT support staff, as well as for those with IT support
staff.
We have confirmed that older versions of the Symantec Anti-Virus client are
susceptible to attack. Windows computers with Symantec Anti-Virus installed
older than version 9.0.1.1000 are at risk for a system compromise that
requires *no user intervention*. To check the installed version, double
click on the gold shield in the system tray at the lower
left on your screen, and check the Program: version. For Mac OS X
computers, you need to have Norton Anti-Virus version 9.0.2 for Mac OS X
installed. If version 9 is installed, a "LiveUpdate" will update the
program version along with the virus definitions. On machines running a
version older than 9, your IT support or users will need to install the
latest version available from the ITS Software download center. See
http://helpdesk.its.uiowa.edu/software/ If you have any questions please
contact the ITS Helpdesk at 384-4357 (4-HELP).