[IS&T Security-FYI] SFYI Newsletter, February 7, 2011

Monique Yeaton myeaton at MIT.EDU
Mon Feb 7 12:12:50 EST 2011 

In this issue:


1. February 2011 Microsoft Security Updates

2. Microsoft Issues Temporary Fix for IE Flaw

3. What is Whole Disk Encryption?

4. VirusScan Enterprise 8.8 for Windows Released



---------------------------------------------------------

1. February 2011 Microsoft Security Updates

---------------------------------------------------------


This month's security updates from Microsoft, to be released on Tuesday, February 8, contain 12 bulletins that will address 22 vulnerabilities in various systems. Among the patches are three for zero-day vulnerabilities. Three of the 12 bulletins are rated critical.


Systems affected:

 *   Internet Explorer
 *   Windows
 *   Windows Server
 *   Visio


Read the full February security bulletin:

<http://www.microsoft.com/technet/security/bulletin/ms11-feb.mspx>



----------------------------------------------------------

2. Microsoft Issues Temporary Fix for IE Flaw

----------------------------------------------------------


On January 31, Microsoft issued an advisory warning of a critical flaw in Windows that affects all currently supported versions of Internet Explorer (IE). Microsoft has issued a temporary workaround for users (see the Microsoft advisory below) so they can protect their computers until a more permanent fix is available. This flaw will NOT be fixed with this month's Patch Tuesday security updates. The flaw affects the way IE handles certain documents and web pages and could be exploited to take control of vulnerable computers or to steal information. All supported Windows systems are affected.


Read the Microsoft advisory:

<http://www.microsoft.com/technet/security/advisory/2501696.mspx>


Read the story in the news:

<http://www.computerweekly.com/Articles/2011/02/07/245286/Microsoft-Patch-Tuesday-update-excludes-fix-for-MHTML.htm>



-------------------------------------------

3. What is Whole Disk Encryption?

-------------------------------------------


Many companies are switching from traditional desktop computers to laptops as the price of portability has plummeted. Meanwhile, adoption of full disk encryption has accelerated. Unfortunately, many users are overconfident in the magical and misunderstood security blanket of "being encrypted."


Users who are protected through encryption begin to engage in riskier activities. When end-users have encryption, they may understand that to mean that their hard disk is jumbled and can only be unlocked with their secure password, but what they might not understand is that when their computer is on, this no longer applies.


This Hermes article begins to unravel some of the mysteries of encryption: <http://kb.mit.edu/confluence/x/g4Vh>


PGP is full disk encryption software that was chosen by IS&T to protect MIT's high-risk data. It is used by personnel who need to protect sensitive personal information on laptops and desktops.


To learn more, visit the PGP Frequently Asked Questions page:

<http://kb.mit.edu/confluence/x/Cwta>



----------------------------------------------------------------

4. VirusScan Enterprise 8.8 for Windows Released

----------------------------------------------------------------


IS&T announced the release of McAfee VirusScan 8.8 for Windows today. According to the announcement, VirusScan 8.8 offers many new features and improvements including AntiSpyware, support for Office 2010 and Outlook on-demand email scanning.


For more information and/or to download VirusScan 8.8 for Windows visit:

<http://ist.mit.edu/services/software/virusscan/enterprise<http://ist.mit.edu/services/software/virusscan/enterprise/88?random=1296757645471>>.




===========================================================================================


To read all current and archived articles online, visit the Security-FYI Blog at <http://securityfyi.wordpress.com/>

Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20110207/6887c8c7/attachment.htm

More information about the ist-security-fyi mailing list