<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-family: Garamond, sans-serif; ">
<div>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; ">In this issue:</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">1. Sophos Replaces McAfee at MIT</p>
<p style="margin: 0px; font-family: Helvetica; ">2. MIT Web Certificates Renewal Period</p>
<p style="margin: 0px; font-family: Helvetica; ">3. Kerberos Password Strengthening</p>
<p style="margin: 0px; font-family: Helvetica; ">4. July 2013 Security Updates from Apple and Microsoft</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">-----------------------------------------------</p>
<p style="margin: 0px; font-family: Helvetica; ">1. Sophos Replaces McAfee at MIT</p>
<p style="margin: 0px; font-family: Helvetica; ">-----------------------------------------------</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">There has been quite a bit of activity recently to improve information security at the Institute. One such effort, initiated by Information Services & Technology, is aimed at providing the MIT community with
a new malware protection product. After several months of testing, <a href="http://ist.mit.edu/news/sophos_antivirus">
Sophos Anti-Virus was selected</a> by IS&T as the best solution. </p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">As of July 1, you can <a href="http://ist.mit.edu/software-hardware?type=16">
download Sophos</a> to a Mac, PC or Linux machine; documentation on installing and using Sophos has been added to
<a href="https://kb.mit.edu/confluence/display/category/Sophos+Anti-Virus">The Knowledge Base</a>.</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">Sophos is replacing the malware protection products by McAfee. One of the most important differences between the two is that Sophos comes with console management, which provides IT administrators with some useful
intelligence, including notifications when malware has been detected on machines. The software has also shown to run more quietly (and almost invisibly) in the background.</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">Please contact the <a href="http://ist.mit.edu/help">
IS&T Help Desk</a> for any questions or concerns.</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">-----------------------------------------------------</p>
<p style="margin: 0px; font-family: Helvetica; ">2. MIT Web Certificates Renewal Period</p>
<p style="margin: 0px; font-family: Helvetica; ">------------------------------------------------------</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">As happens each year around this time, your MIT personal web certificate requires renewal. Certificates will expire on July 31, 2013. To ensure continued access to MIT's secure web applications, such as Benefits,
SAPweb, WebSIS, COEUS Lite, and ePaystubs, plan to renew in the coming weeks. </p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">Certificates are a safe way for our web applications to identify you without you needing to type in a username and password. They must be installed on each browser for each computer that you use for accessing
certificate-protected sites.</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; "><a href="https://kb.mit.edu/confluence/display/istcontrib/Certificates+at+MIT">This KB article</a> can help you install/renew your certificates or troubleshoot any problems you encounter. If you still need help,
please contact the <a href="http://ist.mit.edu/help">IS&T Help Desk</a>.</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">Because certificates may give you access to sensitive information, it's important to protect them with a strong Kerberos password. Please note that this year you may need to update your Kerberos password if you
have not changed it in over a year. Additional information on new password requirements are mentioned in the article below.</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">--------------------------------------------------</p>
<p style="margin: 0px; font-family: Helvetica; ">3. Kerberos Password Strengthening</p>
<p style="margin: 0px; font-family: Helvetica; ">--------------------------------------------------</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">As part of the broader effort to
<a href="http://web.mit.edu/newsoffice/2013/ruiz-letter-on-strengthened-campus-security-0402.html">
strengthen campus security</a>, MIT has implemented some <a href="http://ist.mit.edu/news/strong_passwords">
changes to certificate renewals and Kerberos passwords</a>. This includes:</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<ul>
<li style="margin: 0px; font-family: Helvetica; ">Stronger password requirements </li><li style="margin: 0px; font-family: Helvetica; ">Password expiration policies tied to certificate renewal
</li></ul>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">This year when you renew your web certificate, you may notice that you will be required to change your password if it is more than a year old.</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; "><a href="http://ist.mit.edu/news/strong_passwords">This article by IS&T</a> explains the changes and what this means for you and the MIT community. </p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">We understand that it can be a challenge to choose a password you can remember and that is strong enough to meet the strength requirements. For more details on creating strong passwords and pass phrases, see
this <a href="http://kb.mit.edu/confluence/display/istcontrib/Strong+Passwords">
Strong Passwords article</a> in the Knowledge Base.</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">--------------------------------------------------------------------------</p>
<p style="margin: 0px; font-family: Helvetica; ">4. July 2013 Security Updates from Apple and Microsoft</p>
<p style="margin: 0px; font-family: Helvetica; ">---------------------------------------------------------------------------</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; "><b>Microsoft</b></p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">On July 9th, Microsoft released seven
<a href="http://technet.microsoft.com/en-us/security/bulletin/ms13-jul">security bulletins</a> that address multiple critical vulnerabilities. The systems affected include: Microsoft Windows, .NET Framework, Silverlight, Office, Visual Studio, Lync, Internet
Explorer and Windows Defender.</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">It is recommended to accept the updates. MIT WAUS subscribers will receive the updates after they have been tested in the MIT environment. </p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; "><b>Apple</b></p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">On July 2nd, Apple released <a href="http://support.apple.com/kb/HT1222">
Security Update 2013-003</a> to address flaws in Snow Leopard (Mac OS X 10.6.8), Snow Leopard Server, Lion (10.7.5), Lion Server and Mountain Lion (10.8.4). The flaws are primarily in the QuickTime player. Details of the security content of the update can be
read <a href="http://support.apple.com/kb/HT5806">here</a>.</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Arial; ">===================================================================================</p>
<p style="margin: 0px; font-family: Arial; ">Read all Security FYI Newsletter articles and submit comments online at
<a href="http://securityfyi.wordpress.com/">http://securityfyi.wordpress.com/</a>.</p>
<p style="margin: 0px; font-family: Arial; ">===================================================================================</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
</div>
<div><span class="Apple-style-span" style="border-collapse: separate; font-family: Calibri; font-size: medium; border-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px; font-family: Helvetica; font-size: 14px; ">
<div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">
<span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px; font-size: 12px; ">
<div><br>
</div>
<div>Monique Yeaton</div>
<div>IT Security Communications Consultant</div>
<div>MIT Information Services & Technology (IS&T)</div>
<div>(617) 253-2715</div>
<div>http://ist.mit.edu/security</div>
<div><br class="khtml-block-placeholder">
</div>
<br class="Apple-interchange-newline">
</span></span></span></span></span></span></div>
</span></span></div>
</body>
</html>