[IS&T Security-FYI] SFYI Newsletter, August 19, 2013
Monique Yeaton
myeaton at MIT.EDU
Mon Aug 19 17:04:35 EDT 2013
In this issue:
1. August 2013 Security Updates from Microsoft
2. The MIT Network Security Policy
3. Android Malware Spreading Through Mobile Ads
----------------------------------------------------------------
1. August 2013 Security Updates from Microsoft
----------------------------------------------------------------
Last week Microsoft released eight security bulletins<http://technet.microsoft.com/en-us/security/bulletin/ms13-aug> to address vulnerabilities in the following systems:
* Microsoft Windows
* Microsoft Server
* Internet Explorer
It is recommended to accept the updates. The patches have been approved for deployment via MIT WAUS (Windows Automatic Update Services).
-----------------------------------------------
2. The MIT Network Security Policy
-----------------------------------------------
On April 2, earlier this year, the MIT News Office reprinted a letter<http://web.mit.edu/itgc/letters/security-memo.html> that Executive Vice President and Treasurer Israel Ruiz sent to the Academic Council detailing planned improvements in emergency preparedness, emergency communication protocols and network security practices.
The improvements, including implementation of the MITnet firewall, as well as password policies<http://kb.mit.edu/confluence/display/istcontrib/Strong+Passwords> are taking affect this summer.
For more details on the network security policy, see IS&T's Campus Security FAQ<http://kb.mit.edu/confluence/display/istcontrib/Campus+Network+Security+FAQ>.
Additional guidance on how eligible members of the MIT community can opt systems out of the campus network firewall can be found here<https://kb.mit.edu/confluence/pages/viewpage.action?pageId=151108614>.
Questions about these changes can be sent to cybersecurity-questions at mit.edu<http://cybersecurity-questions@mit.edu>.
--------------------------------------------------------------------
3. Android Malware Spreading Through Mobile Ads
--------------------------------------------------------------------
Malware targeting Android devices has been found to be spreading through mobile advertisement networks. Many developers include advertising frameworks in their apps to help boost profits. Advertisements in mobile apps are served by code that is part of the app itself. An attack scheme in Asia involved a rogue ad network pushing code onto devices. When users download and install legitimate apps, the malware prompts users to approve its installation, appearing to be part of the process for the app they have just downloaded.
Learn more in the news<http://www.computerworld.com/s/article/9241596/New_Android_malware_is_being_distributed_through_mobile_ad_networks>.
How to protect your Android device at MIT<http://kb.mit.edu/confluence/display/istcontrib/Android+at+MIT>.
===================================================================================
Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.
===================================================================================
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20130819/69e5d1ee/attachment.htm
More information about the ist-security-fyi
mailing list