[IS&T Security-FYI] Newsletter, Jan. 25, 2007

Thu Jan 25 16:09:55 EST 2007

Hello readers,

I am changing the format of the IS&T Security FYI email a bit and  
making it into a weekly or bi-weekly newsletter depending on what  
makes most sense. As you may have noticed from the last email I sent,  
there are plenty of topics to discuss, and this format makes it  
easier to include more than one topic at a time. Please let me know  
what you think when you have a chance. If there are any topics you  
would like to see included, feel free to drop me a line at  
myeaton at mit.edu.

This issue includes:

1. Apple QuickTime Update
2. Security @ MIT blog site
3. Safety Tip of the Week

--------------------------------
1. Apple QuickTime Update
--------------------------------
Two weeks ago I warned you about a vulnerability that exists in the  
way Apple QuickTime handles specially crafted Real Time Streaming  
Protocol URL strings. This week Apple released Security Update  
2007-001 which addresses this issue.

The update can be downloaded manually from the Apple site here:  
http://www.apple.com/support/downloads/.
Mac and Windows users who have Software Update turned on in their  
preferences and already have QuickTime 7.1.3 installed, will  
automatically receive the update. After downloading, you will be  
required to restart your computer.

If applicable, you may want to first check with your local IT support  
provider before installing patches on your system.

----------------------------
2. Security @ MIT Blog
----------------------------
At times there is information in the media or from other sources  
relating to IT security that we like to post or make comments on. We  
have developed a blog where our team contributes articles to on a  
regular basis. Some of these articles were also included in our  
regular Security-FYI emails. Please check out our blog and post a  
comment. We are open to suggestions and ideas on how to improve this  
tool for our audience.

https://bloggeroff.mit.edu/blogs/security/

-----------------------------
Safety Tip of the Week
-----------------------------
[As a regular feature of the newsletter, this section will include a  
safety computing tip of the week. If you have any suggestions for a  
tip, please pass it along!]

This week's tip:

Update your anti-virus program. I was talking to a colleague earlier  
today who said to me that she gets regular notices from her anti- 
virus program asking to update. She's been ignoring the messages  
because she wasn't sure what to do about it. Many people aren't aware  
how virus-protection software works and assume all is well just  
because they have a virus-protection program running on their  
computer. But that's not always the case.

Because new threats emerge all the time, your virus-protection  
software needs to be regularly updated so that it can catch the  
latest ones. You should therefor always update your virus protection  
software. VirusScan for Windows and Virex for Mac come pre-configured  
to do daily updates when downloaded off MIT's IS&T software website.  
You should let the program update itself in the background so that  
you aren't notified each time this happens. You can also manually  
update your program by visiting the McAfee site at http:// 
www.mcafee.com/us/downloads/.

To learn more:
http://web.mit.edu/ist/topics/virus/

If you have any questions please contact us at security at mit.edu or if  
you need help with your computer contact the Computing Help Desk at  
computing-help at mit.edu.

Happy computing,

Monique

=========================
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://web.mit.edu/ist/security

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20070125/52a320f5/attachment.htm