[IS&T Security-FYI] SFYI Newsletter, February 6, 2012

Mon Feb 6 17:17:56 EST 2012

In this issue:

1. Kerberos Passwords: Maybe Time to Update

2. Apple Issues Security Update

------------------------------------------------------------

1. Kerberos Passwords: Maybe Time to Update

------------------------------------------------------------

You may already be aware of the changes to be made to MIT's wireless network this year. The open wireless networks, MIT and MIT N are going away some time in 2012. To use the wireless network after the change, you have three options for connecting: MIT SECURE, MIT SECURE N and MIT GUEST.

Both MIT SECURE and MIT SECURE N require you to use your Kerberos user name and password to authenticate when logging on for the first time. If you're like many of us, you might not have changed your Kerberos password<http://ist.mit.edu/password> in a while. This is a good time to think about updating your password and making it secure. Here's why:

  *   Old passwords may not meet the more stringent requirements of the MIT Kerberos password policy<http://ist.mit.edu/security/passwords#heading2> of length and character complexity.
  *   Because of recent improvements to the network, old passwords may not be accessible from MIT's network server, the Windows Exchange Active Directory, which you will be authenticated against. This could cause a failure to connect to the wireless network.
  *   Updating your password on a regular basis, such as once a year, is a good idea.

Take the following steps to update your password:

  1.  Pick a new strong password that you can remember and no one else can guess. You can learn how by watching this video<http://video.about.com/netsecurity/Create-a-Secure-Password.htm> or by reading this Hermes article<http://kb.mit.edu/confluence/x/3wNt>. Note: longer is better.
  2.  If you know your current password you can update it online<http://web.mit.edu/password>.
  3.  If you have forgotten your password, you can use your MIT Personal Certificate to still change your password online. If you don't have the certificate, see this Hermes article<http://kb.mit.edu/confluence/x/gglB> for other options.

-----------------------------------------

2. Apple Issues Security Update

-----------------------------------------

Last Wednesday Apple released its first security update<http://support.apple.com/kb/HT5130> of 2012 for Mac OS X, patching more than 50 vulnerabilities. Updates are available for Mac OS X 10.7, known as Lion, and for 10.6, Snow Leopard.

Early adopters of the update running Snow Leopard and using Rosetta applications may have experienced some problems, but two days after the release, Apple provided a fixed update 2012-001 v.1.1. Users on Lion did not experience any issues with the original 1.0 update.

The Security Update is available through the Software Update tool built into the operating system or from Apple's Downloads<http://support.apple.com/downloads/> webpage.

IS&T at MIT recommends to always make sure to have a backup of your system before applying updates and patches. This situation also reminds us that, although it may be contrary to the intent of the security patches, it might be better to wait a few days before applying software updates. Just to ensure any bugs have been worked through.

See the full story in the news<http://tidbits.com/article/12768>.

===================================================================================

Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.

===================================================================================

Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20120206/77442527/attachment.htm