[IS&T Security-FYI] SFYI Newsletter, June 19, 2012
Monique Yeaton
myeaton at MIT.EDU
Tue Jun 19 11:08:04 EDT 2012
In this issue:
1. Security Updates for June 2012
2. Apple Has An Updated Safety Message
3. LinkedIn Users Should Update Passwords
-------------------------------------------
1. Security Updates for June 2012
-------------------------------------------
Microsoft
Last Tuesday, June 12, Microsoft issued seven bulletins that addressed multiple security flaws. Three bulletins were labeled as critical. Systems affected:
* Windows
* Internet Explorer
* .NET Framework
* Office
* Visual Basic
* Dynamics AX
Read the full Microsoft Security Bulletin summary here<http://technet.microsoft.com/en-us/security/bulletin/ms12-jun>.
MIT WAUS<http://ist.mit.edu/waus> has released the patches to subscribers. They are also available through the operating system's Windows Update tool.
Adobe
Adobe released fixes for Flash Player last week. You can get the latest Flash Player for your browser from http://get.adobe.com/flashplayer/. If you are using Google Chrome, new versions of Flash Player will be automatically installed as they become available.
Oracle and Apple
Updates for Java were released in OS X 2012-004 and in OS X 10.6.9, bringing the latest release Java 6 update 33 and Java 7 update 5. These fixes address 14 vulnerabilities in Java and can be obtained from Java.com or by checking for updates on OS X Snow Leopard (10.6) and Lion (10.7).
-----------------------------------------------------
2. Apple Has An Updated Safety Message
-----------------------------------------------------
In its marketing material, Apple no longer tells customers they have to "do nothing" to keep their Macs malware-free. Mac malware is a reality these days, and although the problem may not be as significant as Windows malware, it still exists.
As this article from Sophos<http://nakedsecurity.sophos.com/2012/06/14/mac-malware-apple-marketing-message/> points out, "let's hope more Apple Mac owners are also learning to take important security steps, such as installing anti-virus protection."
---------------------------------------------------------
3. LinkedIn Users Should Update Passwords
---------------------------------------------------------
Earlier in June, news that more than 6.5 million passwords from LinkedIn were reported compromised. The passwords are encrypted, but the criminals who stole them, posted them and asked for help to crack the codes. Apparently they are in a format that makes them relatively easy to break.
As this site<http://www.forbes.com/sites/reuvencohen/2012/06/06/linkedin-hacked-a-few-apps-suggestions-for-protecting-your-online-passwords/> suggests:
If you haven't already done so, please update your LinkedIn password, which is even more important if you use the same password on LinkedIn as you do on other sites.
In addition, use a password management plugin on your browser to store and generate unique passwords and keep them safely encrypted in one place, protected by a single strong password.
===================================================================================
Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.
===================================================================================
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20120619/54086479/attachment.htm
More information about the ist-security-fyi
mailing list