[IS&T Security-FYI] SFYI Newsletter, September 10, 2012
Monique Yeaton
myeaton at MIT.EDU
Mon Sep 10 16:21:04 EDT 2012
In this issue:
1. Microsoft Security Updates for September 2012
2. Apple Update 2012-005 Fixes Java for OS X
3. Removing Electronic Paper Trails
---------------------------------------------------------------
1. Microsoft Security Updates for September 2012
---------------------------------------------------------------
On Tuesday, September 11, Microsoft will release two security bulletins<http://technet.microsoft.com/en-us/security/bulletin/ms12-sep> to address four vulnerabilities. Both bulletins have maximum severity ratings of important. The updates will affect:
* Microsoft Visual Studio Team Foundation Server 2010 SP 1
* Microsoft Systems Management Server 2003 SP 3
* Microsoft System Center Configuration Manager 2007 SP 2
The light load for September is to allow time to prepare for the October update which will invalidate all digital certificates that have RSA keys smaller than 1,024 bits. Microsoft is implementing the requirement to help protect users from the likes of Flame malware, which used spoofed Microsoft certificates.
Read more about the new encryption rule in the news<http://www.scmagazine.com/light-patch-tuesday-will-include-new-encryptiorule/article/257870/>.
------------------------------------------------------------
2. Apple Update 2012-005 Fixes Java for OS X
------------------------------------------------------------
Java for OS X 2012-005<http://support.apple.com/kb/DL1572> and Java for Mac OS X 10.6 Update 10<http://support.apple.com/kb/DL1573> are now available for 10.6.8, 10.7 or later and 10.8 or later. An opportunity for security-in-depth hardening is addressed by updating to Java SE 6 to 1.6.0_35. Quit any web browsers and Java applications before installing the update, which is available through Software Updates on the Mac OS X system or from the Apple website<http://support.apple.com/downloads/>.
----------------------------------------------
3. Removing Electronic Paper Trails
----------------------------------------------
Just as you wouldn't leave a sensitive document in a copier, it's important not to create an electronic paper trail when using browsers to view or download private information. This is especially important on shared and public computers or mobile devices because of their accessibility to others.
This IS&T News article<http://ist.mit.edu/news/securedata> provides further information and resources for how to configure your browser to remove the bits of information that could compromise your personal information if left behind in the browser's cache or history.
===================================================================================
Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.
===================================================================================
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20120910/53a3be91/attachment.htm
More information about the ist-security-fyi
mailing list