[IS&T Security-FYI] SFYI Newsletter, July 16, 2013

Monique Yeaton myeaton at MIT.EDU
Tue Jul 16 16:17:40 EDT 2013


In this issue:


1. Sophos Replaces McAfee at MIT

2. MIT Web Certificates Renewal Period

3. Kerberos Password Strengthening

4. July 2013 Security Updates from Apple and Microsoft



-----------------------------------------------

1. Sophos Replaces McAfee at MIT

-----------------------------------------------


There has been quite a bit of activity recently to improve information security at the Institute. One such effort, initiated by Information Services & Technology, is aimed at providing the MIT community with a new malware protection product. After several months of testing, Sophos Anti-Virus was selected<http://ist.mit.edu/news/sophos_antivirus> by IS&T as the best solution.


As of July 1, you can download Sophos<http://ist.mit.edu/software-hardware?type=16> to a Mac, PC or Linux machine; documentation on installing and using Sophos has been added to The Knowledge Base<https://kb.mit.edu/confluence/display/category/Sophos+Anti-Virus>.


Sophos is replacing the malware protection products by McAfee. One of the most important differences between the two is that Sophos comes with console management, which provides IT administrators with some useful intelligence, including notifications when malware has been detected on machines. The software has also been shown to run more quietly (and almost invisibly) in the background.


Please contact the IS&T Help Desk<http://ist.mit.edu/help> with any questions or concerns.



-----------------------------------------------------

2. MIT Web Certificates Renewal Period

------------------------------------------------------


As happens each year around this time, your MIT personal web certificate requires renewal. Certificates will expire on July 31, 2013. To ensure continued access to MIT's secure web applications, such as Benefits, SAPweb, WebSIS, COEUS Lite, and ePaystubs, plan to renew in the coming weeks.


Certificates are a safe way for our web applications to identify you without you needing to type in a username and password. They must be installed on each browser for each computer that you use for accessing certificate-protected sites.


This KB article<https://kb.mit.edu/confluence/display/istcontrib/Certificates+at+MIT> can help you install/renew your certificates or troubleshoot any problems you encounter. If you still need help, please contact the IS&T Help Desk<http://ist.mit.edu/help>.


Because certificates may give you access to sensitive information, it's important to protect them with a strong Kerberos password. Please note that this year you may need to update your Kerberos password if you have not changed it in over a year. Additional information on the new password requirements is provided in the article below.



--------------------------------------------------

3. Kerberos Password Strengthening

--------------------------------------------------


As part of the broader effort to strengthen campus security<http://web.mit.edu/newsoffice/2013/ruiz-letter-on-strengthened-campus-security-0402.html>, MIT has implemented some changes to certificate renewals and Kerberos passwords<http://ist.mit.edu/news/strong_passwords>. This includes:


  *   Stronger password requirements
  *   Password expiration policies tied to certificate renewal


This year when you renew your web certificate, you may notice that you will be required to change your password if it is more than a year old.


This article by IS&T<http://ist.mit.edu/news/strong_passwords> explains the changes and what this means for you and the MIT community.


We understand that it can be a challenge to choose a password you can remember and that is strong enough to meet the strength requirements. For more details on creating strong passwords and pass phrases, see this Strong Passwords article<http://kb.mit.edu/confluence/display/istcontrib/Strong+Passwords> in the Knowledge Base.



--------------------------------------------------------------------------

4. July 2013 Security Updates from Apple and Microsoft

---------------------------------------------------------------------------


Microsoft


On July 9th, Microsoft released seven security bulletins<http://technet.microsoft.com/en-us/security/bulletin/ms13-jul> that address multiple critical vulnerabilities. The systems affected include: Microsoft Windows, .NET Framework, Silverlight, Office, Visual Studio, Lync, Internet Explorer and Windows Defender.


We recommend that you accept the updates. MIT WAUS subscribers will receive the updates after they have been tested in the MIT environment.


Apple


On July 2nd, Apple released Security Update 2013-003<http://support.apple.com/kb/HT1222> to address flaws in Snow Leopard (Mac OS X 10.6.8), Snow Leopard Server, Lion (10.7.5), Lion Server and Mountain Lion (10.8.4). The flaws are primarily in the QuickTime player. Details of the security content of the update can be read here<http://support.apple.com/kb/HT5806>.



===================================================================================

Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.

===================================================================================


Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security

