Recently in Security Category

Microsoft has released several new critical updates for Office 2007 and Vista.  As a result, you may experience multiple reboots during the early part of next week while these updates are downloaded by your computer and installed.  If you're working on sensitive or important files during these updates, you will be able to delay the reboot process when prompted for the next two weeks, after which time your computer will automatically reboot itself. Vista computers may need to immediately reboot after the Vista update is installed.

Please note that shutting your computer down may be delayed up to one hour after you  attempt to power down your computer. If you don't take your computer home with you, simply leave the computer on to install these updates and allow it to shut itself down. If you use a laptop that you frequently take home, please allow time in the next week or so to allow your computer to fully download and install these updates after you shut down your computer.

We apologize for any inconvenience this may cause. If you have any questions, please contact the IT Help Desk at 573-341-HELP.

Apple has issued software update 3.0.1 for the iPhone to patch a critical security vulnerability. If you use an iPhone, you should update it at your earliest convenience.

Step-by-step directions for updating your iPhone software are available on the IT website at:
http://helpdesk.mst.edu/generalinfo/reference_center/iphoneupdate.html

If you have any questions, please contact the IT Help Desk at 573-341-HELP.

If you use a home wireless router, you may be vulnerable to a worm that's corrupting home wireless routers.

Per the article linked above here are a few tips for protecting your home wireless router:

• Make sure your router's security features are turned on and that your wireless network is password protected.Many people don't use this feature, but not securing your network can make you more vulnerable to malicious attacks
  
  
• Don't use the default network name and password that came with your router. The router bug automatically runs through many of the factory default passwords.  For more information on strong passwords, visit IT Security's password section.
  
  
• While it won't protect your router, you can help keep you computer data safe by installing and using a good anti-virus program. Missouri S&T faculty, students and staff can download free anti-virus software here.

If you have any questions about your particular router make and model, contact the vendor's customer service department.

Several customers on campus have reported receiving potentially harmful web links via university email disguised as e-greeting cards.  IT Security would like to remind you that it's not a good idea to click on these electronic greetings, as many of them contain viruses and malware intended to harm your computer.  The general rule of thumb is that you should NEVER click on a web link unless you're sure where it will take you.

If you have any questions about this issue, or think you may have loaded malware on your computer, please contact the IT Help Desk at 573-341-HELP (4357).

Please take a moment to read through this information regarding a computer security threat that has popped up on a handful of campus computers. Following a few commonsense guidelines can help protect your computer and potentially save you the hassle of losing saved data or having your computer run substantially slower.

What to look for to avoid the threat:

• The security threat has appeared under several different names, including Antispyware 2009, Antivirus 2009 or any combination of "antispyware" or "antivirus" along with a four-digit year. It looks like a legitimate warning. If your computer prompts you to install or update similar-sounding software, don't accept it.
  Note: Almost all of the university-owned computers run a legitimate antivirus software package called McAfee Antivirus that occasionally runs updates.
• Microsoft is very meticulous about proper grammar and spelling. Any popup windows or prompts with typos or strange syntax should give you a clue that something is wrong.
• Finally, don't click on or accept anything that looks suspicious or if you're not sure what it is. Even if the item in question is legitimate, it's better to ask for verification before proceeding if you have any doubts.

Signs the malicious file may already be on your computer:

• Your Internet redirects you to sites you did not enter in your browser's address bar.
• You are unable to connect to the network.
• You notice files or saved data is missing.

What to do if you notice something suspicious:

• Call the IT Help Desk immediately at 573-341-HELP (4357).
• Don't accept any antivirus updates or click 'OK' on any popup windows until you check with the Help Desk.
• If you think there is something malicious on your computer, call the Help Desk to set up a time for IT to come and assist you.

IT Security is aware of a spamming attempt to the all student listserv. Please disregard any mail that shows undeliverable mail from your account to the all student campus listserv.

We are still investigating the issue so that preventative measures can be taken and the culprit identified. We apologize for any inconvenience.

If you have any questions about the legitimacy of an email you receive, please forward the email, including its original header, to security@mst.edu or call the IT Help Desk at 573-341-HELP.

IT will be performing updates on all IT-managed Windows and Linux servers on the evening of Thursday, April 17 sometime between 10 p.m. and 2 a.m.

During the maintenance window, customers may have difficulty accessing a number of services, including email, web applications, applications that need to access the licensing servers, and any other service hosted on the campus Windows-based or Linux-based servers.

Service interruptions will last up to 30 minutes, depending on which service and servers are updated. Customers should save their work before the servers are updated to prevent loss of data.

For more information, please contact the IT Help Desk at 573-341-HELP.

IT Security has recently identified several suspicious emails that have been circulated to Missouri S&T email accounts.

A few key things to remember to help protect your computer and your personal information:
1. Never give your username and password to someone via email. Missouri S&T will NEVER ask for your password.
2. If you a suspicious email or an email from someone you don't know, you should NOT open the url link.
3. Please forward suspicious emails to IT Security.

If you have any questions or aren't sure about a suspicious email you've recieved, please contact the IT help Desk at 573-341-HELP.

Does this look familiar?

In the wee hours of this morning, Missouri S&T mailboxes were flooded by "phishing" messages. The lures of choice were emails supposedly from "CentralBank" with the subject of "Security Measures". IT's Information Security team has taken steps to block the website linked in the offending messages, but the campus community should still watch out for these fraudulent messages and delete them from their mailboxes.

This latest scam was the result of a compromised student account on another University of Missouri campus. So, please remember to NEVER share your Missouri S&T password with anyone and know that the University will NEVER ask for your password via email.

For additional information regarding "phishing" scams and for tips on how to avoid getting "hooked", check out http://helpdesk.mst.edu/generalinfo/security/phishing.html

Last week’s shootings at Northern Illinois University serve as a solemn reminder of the importance of campus emergency alert systems. Late last fall, an emergency alert system was created on this campus to immediately contact students, faculty and staff in the event of a high-level emergency. If you have not yet signed up for the Missouri S&T emergency notification system, go to the emergency alert registration page and sign up.