<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-family: Calibri, sans-serif; "><div><div><div><p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">In this issue:</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">1. Apache Denial-of-Service Update</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">2. DigiNotar Certificates Threat Averted by Vendors</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">3. Safer Browsing With Extensions</p><p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=============================</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">1. Apache Denial-of-Service Update</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=============================</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">In the last Security FYI issue, we included a warning about the Apache webserver DoS (denial of service) attack vulnerability, in which a relatively low number of requests directed at the server cause a denial of service condition. After this warning went out, Red Hat released their patched Apache packages for RHEL 4, 5 and 6 on September 1.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Red Hat security update: <<a href="https://rhn.redhat.com/errata/RHSA-2011-1245.html%3E">https://rhn.redhat.com/errata/RHSA-2011-1245.html</a>></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><br></p><p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=========================================</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">2. DigiNotar Certificates Threat Averted by Vendors</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=========================================</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Trust problems were caused when DigiNotar, a Dutch certificate authority, released fraudulent SSL certificates two weeks ago. All major operating system (OS) vendors and browser developers have since released updates revoking the DigiNotar certificate. </p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Mozilla has released Firefox 3.6.22 and Firefox 6.0.2 to address this issue. Additional information can be found in the <a href="http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com-certificate/">Mozilla Security Blog</a>.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Microsoft has removed the DigiNotar root certificates from the Microsoft Certificate Trust List. This change affects all versions of Windows Vista, Windows 7, Windows XP, Windows Server 2008, Windows Server 2008 R2, and Windows Server 2003. Additional information can be found in <a href="http://www.microsoft.com/technet/security/advisory/2607712.mspx?pubDate=2011-08-29">Microsoft Security Advisory 2607712</a>.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Google Chrome users are protected from this attack due to Chrome's built-in certificate pinning feature. Google has also released Chrome 13.0.782.220 for Windows, Mac, Linux, and Chrome Frame to address this issue. Additional information can be found in the <a href="http://googleonlinesecurity.blogspot.com/2011/08/update-on-attempted-man-in-middle.html">Google Security Blog</a> and in the Google Chrome Releases <a href="http://googlechromereleases.blogspot.com/2011/09/stable-channel-update.html">blog entry</a>.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Apple has released <a href="http://support.apple.com/kb/HT4920">Security Update 2011-005</a> for Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion 10.7.1, and Lion Server 10.7.1 to address this issue.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Adobe will be releasing an update to remove the DigiNotar certificate from the Adobe Approved Trust List. In the meantime, Adobe has released a <a href="http://blogs.adobe.com/psirt/2011/09/update-on-diginotar-and-the-adobe-approved-trust-list-aatl.html">blog entry</a> containing a work-around for Adobe Reader and Acrobat 9, and Adobe Reader and Acrobat X.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><br></p><p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">===========================</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">3. Safer Browsing With Extensions</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">===========================</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Did you know that you can make your browser even more secure by installing extensions? Let's take Firefox as an example and look at some Firefox add-ons that are designed to protect you when browsing the Web: </p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<ul style="list-style-type: disc">
<li style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Want to prevent ads from appearing on the sites you visit and that could potentially take you to more dangerous sites? Install Adblock Plus. </li>
<li style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Need protection against JavaScript, Java and other executable content that could cause cross-site scripting attacks (XSS), cross-zone DNS rebinding / CSRF attacks (router hacking) and Clickjacking attempts? Install NoScript. </li>
<li style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Would you like to know which sites to trust? Install WOT. </li>
<li style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Want to know in which country the webserver resides that you're connected to? Install Flagfox. </li>
<li style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Want to preview sites before you click on their links? Install CoolPreviews. </li><li style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Ever wonder if you're being tracked by Google, eBay or YouTube and want to block them? Install BetterPrivacy or Ghostery.</li>
</ul>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Find out more about Firefox extensions here: <<a href="https://addons.mozilla.org/en-US/firefox/extensions/%3E">https://addons.mozilla.org/en-US/firefox/extensions/></a></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Chrome extensions: <https://chrome.google.com/extensions> </p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Safari extensions: <https://extensions.apple.com/></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">IE extensions: <http://www.ieaddons.com/en/></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">===================================================================================</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">===================================================================================</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p><p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p></div><div><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; font-family: Helvetica; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><div style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; ">Monique Yeaton</span></span></span></span></span></span></div><div style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; ">IT Security Communications Consultant</span></span></span></span></span></span></div><div style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; ">MIT Information Services & Technology (IS&T)</span></span></span></span></span></span></div><div style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; ">(617) 253-2715</span></span></span></span></span></span></div><div style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; ">http://ist.mit.edu/security</span></span></span></span></span></span></div><div style="font-size: 12px; "><br class="khtml-block-placeholder"></div><br class="Apple-interchange-newline"></span></span></span></span></span></span></span></div></div></div></div></body></html>