[IS&T Security-FYI] SFYI Newsletter, September 26, 2008

Fri Sep 26 14:59:24 EDT 2008

In this issue:

1. Security Awareness Day at MIT
2. Apple Releases Mac OS X 10.5.5
3. The Myth About Macs

-------------------------------------------
1. Security Awareness Day at MIT
-------------------------------------------

Save the date for Security Awareness Day
2 – 5 pm, Wednesday, November 5, 2008 at the Media Lab in E-15  
(Wiesner Building)

You are invited to come hear security professionals speak about  
important security issues --- cyber security online and physical  
security on campus. Speakers include Scott Bradner (Technology  
Security Officer at Harvard), John DiFava (Director of Facilities  
Operations and Security), and Tom Jagatic (Senior IT Security  
Consultant at MIT). Learn about the latest trends in information  
security, Internet threats, and laptop safety, and what you can do to  
protect yourself. Informational tables, partner vendors, prizes, and  
give-aways all await attendees.

---------------------------------------------
2. Apple Releases Mac OS X 10.5.5
---------------------------------------------

Systems affected:

  * Apple Mac OS X versions prior to and including 10.4.11 (Tiger) and  
10.5.4 (Leopard)
  * Apple Mac OS X Server versions prior to and including 10.4.11  
(Tiger) and 10.5.4 (Leopard)

Apple has released Security Update 2008-006 and Mac OS X version  
10.5.5 to correct multiple vulnerabilities affecting Apple Mac OS X  
and Mac OS X Server. The update also addresses vulnerabilities in  
other vendors' products that ship with Apple Mac OS X or Mac OS X  
Server. Attackers could exploit these vulnerabilities to execute  
arbitrary code, gain access to sensitive information, or cause a  
denial of service.

Important: If you have any reason to believe that the update will  
conflict with third-party applications running on your Mac, check with  
your IT administrator or the Computer Help Desk (computing- 
help at mit.edu). Back up your computer prior to installing any updates  
and quit all open applications. The installation process should not be  
interrupted even if the progress bar remains unchanged for several  
minutes.

Update using Software Update or the standalone installer which can be  
downloaded from Apple Downloads <http://www.apple.com/support/ 
downloads/>.

More about this update:
<http://support.apple.com/kb/HT2405>

-------------------------------
3. The Myth About Macs
-------------------------------

Myth: "I don't have to worry about viruses and worms because I have a  
Mac."

Truth: Macs with OS X are microcomputers, just like PC's with Windows  
XP or Vista, and the two are getting more alike every day. Macs are  
just as vulnerable to malware as PC's, but since Macs remain less  
numerous than PC's, they have been a "smaller target." This is  
changing. Not only is there a growing number of OS X viruses and worms  
in circulation, Mac users also face threats from "cross-platform"  
malware and software bugs that affect both OS X and Windows.

What to do: Always use high-quality, anti-virus software on your Mac  
and keep it up-to-date. Apply patches and updates regularly and  
promptly. If you want to be secure online, learn to make good choices  
about the web sites you visit, the software you install, and the  
attachments you open.

=========================
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://web.mit.edu/ist/security

---------------------------------------
Important: DO NOT GIVE OUT YOUR PASSWORDS!
Ignore emails asking you to provide yours. IS&T will *NEVER* ask you  
for your password.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20080926/5e918d5a/attachment.htm