[IS&T Security-FYI] SFYI Newsletter, October 8, 2013
Monique Yeaton
myeaton at MIT.EDU
Tue Oct 8 09:50:13 EDT 2013
In this issue:
1. Adobe Network Attacked
2. Security Updates for Adobe Reader and Acrobat
3. October 2013 Security Updates from Microsoft
-------------------------------------
1. Adobe Network Attacked
-------------------------------------
Adobe's security team recently discovered sophisticated attacks on their network, involving the illegal access of information for approximately 2.9 million Adobe customers, as well as source code for numerous Adobe products. Adobe believes attacks may be related. They are working diligently, both internally and with partners and law enforcement, to address the incident.
Adobe recommends these steps<http://helpx.adobe.com/x-productkb/policy-pricing/customer-alert.html?promoid=KHQGF>:
* Reset your Adobe ID and password.
* Protect yourself against phishing.
IS&T recommends using the same vigilance as always for safe computing. If you are taking proactive steps to secure your computer, including applying patches immediately after release, and using virus protection software, there is a good chance of avoiding any issues.
Read the full Adobe security alert.<http://helpx.adobe.com/x-productkb/policy-pricing/customer-alert.html?promoid=KHQGF>
An MIT colleague mentioned to me that the Adobe security alert was also emailed out to Adobe customers. If you did receive one, you might be tempted to ignore it, or assume it is a scam.
As with all emails that might seem fake, be sure to verify that the email came from an Adobe email address and that any links embedded in the message truly link to an adobe.com web page. Other things to look for in "phishy" emails<http://kb.mit.edu/confluence/x/SBhB>.
--------------------------------------------------------------------
2. Security Updates for Adobe Reader and Acrobat
--------------------------------------------------------------------
Unrelated to the above problems, Adobe is planning to release security updates<http://www.adobe.com/support/security/bulletins/apsb13-25.html> on Tuesday, October 8 for Adobe Reader and Acrobat XI for Windows.
-----------------------------------------------------------------
3. October 2013 Security Updates from Microsoft
-----------------------------------------------------------------
On Tuesday, October 8, Microsoft is planning to release eight new security bulletins<http://technet.microsoft.com/en-us/security/bulletin/ms13-oct>. Affected software:
* Windows
* Internet Explorer
* Microsoft Office
* Microsoft Office for Mac
It is recommended to accept the updates. MIT WAUS subscribes will receive the updates after they have been tested for compatibility.
The updates include a fix for a zero-day vulnerability in Internet Explorer<http://www.zdnet.com/8-microsoft-patches-coming-including-ie-zero-day-7000021538/>, that is actively being exploited.
===================================================================================
Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.
===================================================================================
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20131008/17068074/attachment.htm
More information about the ist-security-fyi
mailing list