|Title||Start Date & Time||End Date & Time|
|Service Issue Reported: Campus Wireless||Monday, February 12, 2018 - 10:05am|
|Service Issue Updated: Student Account Access||Friday, February 9, 2018 - 12:39pm|
|Service Issue Reported: Power outage on East Campus||Tuesday, February 13, 2018 - 1:40pm|
|Service Restored: Intermittent issues with the Federated Identity Service||Monday, February 19, 2018 - 10:16am||Monday, February 19, 2018 - 10:51am|
|Service Maintenance Scheduled: Digication||Sunday, February 25, 2018 - 4:00am||Sunday, February 25, 2018 - 6:00am|
|Service Maintenance Scheduled: Campus Firewall||Wednesday, February 28, 2018 - 5:30am||Wednesday, February 28, 2018 - 6:30am|
Malicious software, referenced in media reports and antivirus vendors as Flashback, is reportedly infecting Apple Macintosh machines when users browse the internet and encounter maliciously crafted web sites. The attack uses a vulnerability in Java for OS X for which Apple provided a patch on April 5, 2012.
Once the malicious software has been installed attackers attempt to steal personal information including passwords, banking information and more. The malicious software will also contact a command and control server to download additional malware or instructions. This malware can be used to continue the outbreak and to control the end users machine without their knowledge or permission.
The IT Security Office advises updating as soon as possible. Updates may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads website.
We are continuing to see reports of new Flashback variants which are causing problems for the Flashback detection utility we had previously posted on this Security Notice. IT Security has been monitoring network traffic for indications of infected systems.If we believe your system is infected, we will contact you and ask you to contact our IT Service Center.
As a reminder, the university will never send email asking for your highly confidential data (e.g. passwords, SSNs, credit card numbers, etc.) and you should be suspicious of messages that direct you to provide this information.
Apple has released a Flashback Removal Tool as an update to OS X Lion (10.7) and updates for Java on Mac OS X 10.6 that include a Flashback Removal Tool. These updates address vulnerabilities that could allow malicious users to execute arbitrary code, steal highly confidential data and take control of affected computers. Learn more.
This Java update disables the Java applet plug-in by default in Java Preferences. As you may know, the campus’s Network Connect VPN requires that the Java applet plug-in be enabled in order to connect. Learn more about this issue and how to enable the Java applet plug-in.
Security Bulletin Names:
OIT has defined the following categories to describe the severity of security risks:
URGENT severity represents a broad threat to the entire campus community.
SEVERE severity included remote exploits and worms.
IMPORTANT severity includes virus and local exploits for commonly used services.