[IS&T Security-FYI] Newsletter, February 8, 2008
Monique Yeaton
myeaton at MIT.EDU
Fri Feb 8 11:46:09 EST 2008
In this issue:
1. IS&T Community Forum
2. Apple Quicktime Update 7.4.1
3. This Year's Resolutions
-----------------------------------
1. IS&T Community Forum
-----------------------------------
Come meet the IT Security Support team and other service groups who
work out of the Information Services & Technology department at MIT!
This year's event, being held on Wednesday, February 13 from 3:00 to
5:00 pm in W20-306 and W20-307, will feature a half hour presentation
session and a Services Trade Show of 10 tables showcasing many of
IS&T's community facing services. Community members will be able to
engage with IS&T staff to learn more about the services, ask
questions and give feedback. Light refreshments will be available.
Looking forward to seeing you there!
-------------------------------------------
2. Apple Quicktime Update 7.4.1
-------------------------------------------
It seems like just yesterday that Quicktime released security patch
7.4. This week Apple released another update to address a newly
discovered security vulnerability. By enticing a user to visit a
maliciously crafted webpage, an attacker may cause an unexpected
application termination or arbitrary code execution.
This update affects:
* Mac OS X v10.3.9
* Mac OS X v10.4.9 or later
* Mac OS X v10.5 or later
* Windows Vista, XP SP2
The update can be downloaded and installed via Software Update
preferences or from Apple Downloads.
<http://www.apple.com/support/downloads/>
-----------------------------------
3. This Year's Resolutions
-----------------------------------
At the start of a new year, the resolutions we make often involve
living healthier, working more efficiently, and doing those things
that we've put off for so long.
How about applying those same ideas to computer security? If you want
a healthy computer to prevent loss of work or time, and want to avoid
identity theft or fraud, try these on for size:
THIS YEAR I WILL:
1. Install quality anti-virus software and enable the desktop firewall.
<http://web.mit.edu/ist/topics/virus/>
<http://web.mit.edu/ist/topics/security/firewall.html>
2. Patch and update my security software, operating system, and
software applications regularly and appropriately.
<http://web.mit.edu/ist/topics/security/patch.html>
3. Learn how to recognize suspicious web addresses.
<http://cups.cs.cmu.edu/antiphishing_phil/quiz/index.html>
4. Be aware of security issues by keeping up with the news or through
education.
<http://www.first.org/newsroom/globalsecurity/>
<http://www.sans.org/>
5. Be careful when using a wireless network.
<http://netsecurity.about.com/od/hackertools/a/aa072004b.htm>
THIS YEAR I WILL NOT:
1. Open email attachments unless I know who the sender is and what is
in the attachment.
2. Click on links embedded in emails unless I know who sent the
message, what the link is for and where it will take me.
3. Fall for official-looking emails that ask for personal or
financial information.
4. Fall for free offers of copyrighted materials which may be tainted
with malware, and may be illegal to use.
<http://web.mit.edu/ist/topics/security/copyright/>
5. Participate in online social networking, or allow my children to,
without knowing the risks.
<http://www.netsmartz.org/>
Monique
=========================
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://web.mit.edu/ist/security
More information about the ist-security-fyi
mailing list