[IS&T Security-FYI] SFYI Newsletter, May 14, 2013

Tue May 14 15:01:06 EDT 2013

In this issue:

1. Microsoft Security Updates for May 2013

2. Ouch! Newsletter on Passwords

3. Security Awareness Videos

4. The Disasters of a Backup Failure

----------------------------------------------------------

1. Microsoft Security Updates for May 2013

----------------------------------------------------------

Today, Tuesday May 14, Microsoft is releasing ten security bulletins<http://technet.microsoft.com/en-us/security/bulletin/ms13-may> for newly discovered vulnerabilities in the following systems:

  *   Internet Explorer
  *   .NET Framework
  *   Lync
  *   Microsoft Publisher, Word and Visio
  *   Windows Essentials

It is recommended to accept the updates if you are running Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, and Windows RT.

MIT WAUS subscribers will receive the updates after they have been tested in the MIT environment.

As usual, Microsoft is also releasing an updated version of the Microsoft Windows Malicious Software Removal Tool.

Two new advisories of vulnerabilities have also been posted: Update Rollup for ActiveX Kill Bits<http://technet.microsoft.com/en-us/security/advisory/2820197> and Vulnerability in Microsoft Malware Protection Engine<http://technet.microsoft.com/en-us/security/advisory/2846338>.

----------------------------------------------

2. Ouch! Newsletter on Passwords

----------------------------------------------

Passwords are one of the primary ways we prove who we are. This month's issue of Ouch! covers how to create strong passwords using pass phrases and the best ways to protect them. You can download the English version (.pdf) here<http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201305_en.pdf>.

More tips on password strength can be found in the Knowledge Base<http://kb.mit.edu/confluence/pages/viewpage.action?pageId=7144415>.

----------------------------------------

3. Security Awareness Videos

----------------------------------------

SANS has regularly been posting a new security awareness video as part of an effort to make every month security awareness month. These Securing the Human videos will also be featured as part of the security courses soon to be offered through the MIT Learning Center. Look for these courses in the online catalog as they become available in the summer of 2013.

The newest Securing the Human video of the month from SANS is "Cloud Security."<http://www.securingthehuman.org/resources/ncsam> This video explains what the Cloud is and how you can use it more securely.

-------------------------------------------------

4. The Disasters of a Backup Failure

-------------------------------------------------

Have you ever lost the latest work you had done on a file due to some kind of computer or software failure and realized you didn't back it up? Or maybe somehow you deleted the one version of the file you had backed up?

Think of all the files you keep on your computer: work documents, personal documents, emails, music, photos, and home videos. Do you have second copies of these stored somewhere so that, should disaster strike, you can restore them?

If you haven't made second copies, then let's look at all the ways you could lose data easily: a residential fire, a stolen or lost laptop, a hard drive that crashes (which apparently occurs somewhere in the world every 15 seconds) or a computer virus!

Not scared yet? View this infographic from Online Backup Geeks<http://www.mactricksandtips.com/wp-content/uploads/2013/05/Backup-Battalion-Saves-World-From-Intergalactic-Data-Disasters-copy1.jpg> (click on the image to zoom in) to see how major companies or organizations lost important data, including the backup recordings of the Apollo 11 landing, Toy Story 2, and the personal phone data of T-Mobile customers nationwide.

Let us avoid these kinds of disasters. See how you, as an MIT community member, can preserve your data and restore files using Tivoli Storage Manager<http://ist.mit.edu/backup>, a service provided by Information Services & Technology.

===================================================================================

Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.

===================================================================================

Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20130514/5ef7f40e/attachment.htm