<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;">In this issue:</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">1. February 2014 Security Updates from Microsoft</div>
<div style="margin: 0px; font-family: Helvetica;">2. OUCH! Newsletter: What is Malware?</div>
<div style="margin: 0px; font-family: Helvetica;">3. Risks of International Travel</div>
<div style="margin: 0px; font-family: Helvetica;">4. For Fun: Information Security Problem</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">-------------------------------------------------------------------</div>
<div style="margin: 0px; font-family: Helvetica;">1. February 2014 Security Updates from Microsoft</div>
<div style="margin: 0px; font-family: Helvetica;">-------------------------------------------------------------------</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">On Tuesday, February 11, Microsoft is releasing
<a href="http://technet.microsoft.com/en-us/security/bulletin/ms14-feb">five new security bulletins</a>. Two of the bulletins are critical. Microsoft systems that will be affected:</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<ul>
<li style="margin: 0px; font-family: Helvetica;">Windows (all current operating systems and servers)
</li><li style="margin: 0px; font-family: Helvetica;">Forefront Protection 2010 for Exchange
</li><li style="margin: 0px; font-family: Helvetica;">Microsoft .NET Framework </li></ul>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;">It is recommended to accept the updates. MIT WAUS subscribers will receive the updates after they have been tested for compatibility within the MIT computing environment. Installing the bulletins
manually may require a restart.</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">On February 11, Microsoft is also planning to release the update for deprecation of MD5 hashing algorithm for the Microsoft root certificate program. The
<a href="http://technet.microsoft.com/en-us/security/advisory/2862973">announcement was made last August
</a>to give customers six months to take the necessary actions in their environments. </div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">The action on February 11 will officially
<a href="http://threatpost.com/microsoft-starts-countdown-on-eliminating-md5/101994">
restrict the use of digital certificates with MD5 hashes</a>. The change applies only to certificates used for server authentication, code signing and time stamping. Microsoft said it would not block other uses of MD5 and would allow signed binaries from before
March 2009. The general recommendation is that customers move to a stronger encryption algorithm such as SHA2 or better.</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">------------------------------------------------------</div>
<div style="margin: 0px; font-family: Helvetica;">2. OUCH! Newsletter: What is Malware?</div>
<div style="margin: 0px; font-family: Helvetica;">------------------------------------------------------</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">This month’s issue of OUCH!, the monthly security awareness newsletter for computer users from SANS, explains what malware is, who is developing it and why and how to protect yourself against it.</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">You can download or view a copy online here:</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;"><a href="http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201402_en.pdf">http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201402_en.pdf</a></div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">-----------------------------------------</div>
<div style="margin: 0px; font-family: Helvetica;">3. Risks of International Travel</div>
<div style="margin: 0px; font-family: Helvetica;">-----------------------------------------</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">Two weeks ago the International Coordinating Committee (ICC) at MIT hosted a presentation on international travel resources. Members of IS&T were there as co-presenters and addressed concerns regarding safe
computing, mobile devices and data protection while traveling. </div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">The event was well-attended but if you weren’t able to be there,
<a href="http://osp.mit.edu/grant-and-contract-administration/international-activities/international-coordinating-committee">
the slides can be viewed online</a> via the Office of Sponsored Programs website. A lot of the information presented by IS&T can also be found within
<a href="http://kb.mit.edu/confluence/x/ODIYCQ">this Knowledge Base article</a>.</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">In addition, SANS shares a security awareness video each month, and this month it is on International Travel. The video explains the risks with international travel and how you can protect yourself and your
data. It will be available at the link below until the end of February.</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;"><a href="http://www.securingthehuman.org/resources/ncsam">SANS: Monthly Awareness Video.</a></div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">-------------------------------------------------------</div>
<div style="margin: 0px; font-family: Helvetica;">4. For Fun: <a href="http://www.glasbergen.com/wp-content/gallery/technology-cartoons/toon567.gif">
Information Security Problem</a> </div>
<div style="margin: 0px; font-family: Helvetica;">-------------------------------------------------------</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">=======================================================================================</div>
<div style="margin: 0px; font-family: Helvetica;">Read all archived Security FYI Newsletter articles and submit comments online at
<a href="http://securityfyi.wordpress.com/"><span style="color: rgb(4, 46, 238);">http://securityfyi.wordpress.com/</span></a>.</div>
<div style="margin: 0px; font-family: Helvetica;">=======================================================================================</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div apple-content-edited="true">
<div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">
<div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">
Monique Buchanan<br>
IT Security Communications Consultant<br>
Information Systems & Technology (IS&T)<br>
Massachusetts Institute of Technology<br>
<a href="http://ist.mit.edu/secure">http://ist.mit.edu/secure</a><br>
tel: 617.253.2715<br>
<br>
<span style="font-family: Helvetica;">"Distrust and caution are the parents of security" - Benjamin Franklin</span></div>
</div>
</div>
<br>
</body>
</html>