http://www.security.ku.edu Welcome to the information technology security web site for The University of Kansas-Lawrence campus. This site exists to provide the KU community with tools and resources to maintain the security of information and the technology we use to manage it. en-us Copyright @ 2002-2004 University of Kansas Mon, 6 Oct 2008 17:36:01 CDT Alerts itsec@ku.edu itsec@ku.edu 45 http://mockingbird.cc.ku.edu/images/rss_alerts.gif http://www.security.ku.edu http://www.security.ku.edu/alerts/alert-viewer.jsp?id=69 Apple has released critical security updates for Java for Mac OS X and Mac OS X Server.Mon, 15 Sep 2008 08:59:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=69 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=68 The installation of Sophos Anti-Virus 7.6 via Sophos AutoUpdate will require a reboot.Fri, 05 Sep 2008 12:35:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=68 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=67 E-mails are arriving in users' inboxes with subject lines flagged with [VIRUS] and a message body indicating a virus file was found and removed from the message.Thu, 28 Aug 2008 00:00:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=67 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=66 The IT Security Office has received multiple reports of e-card notification e-mails which contain links to malicious software.Thu, 14 Aug 2008 14:17:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=66 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=65 The IT Security Office has received multiple reports of spam claiming to be a "news alert" from multiple sources. Links within these e-mails take the recipient to pages which attempt to download malware onto the victim computer.Wed, 13 Aug 2008 14:07:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=65 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=64 Large numbers of phishing messages from "KU Online Services" with a from address of "onlineservices@ku.edu" and a non-KU reply-to address have been reported to the IT Security Office.Sat, 02 Aug 2008 10:16:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=64 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=63 The IT Security Office has received numerous reports of "vishing" phone calls to KU students, faculty, staff, and other residents of Lawrence and surrounding areas.Wed, 02 Jul 2008 16:00:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=63 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=62 In Mac OS X 10.4 and 10.5, the Remote Management agent application used by Apple Remote Desktop can be used to execute code as a superuser.Thu, 19 Jun 2008 17:18:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=62 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=61 KU students, faculty, and staff are receiving phishing messages that advise them to click links, reply to the message, or call a telphone number and disclose sensitive personal information.Mon, 02 Jun 2008 11:25:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=61 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=60 The Safari web browser contains three serious vulnerabilities that have not yet been patched by Apple.Fri, 30 May 2008 13:23:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=60 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=59 Symantec has discovered an unpatched flaw in the current version of the Adobe Flash Player which is currently being exploited.Fri, 30 May 2008 09:56:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=59 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=54 ITSO has received multiple reports of fraudulent KU Credit Union e-mail messages advising the recipient to call a telephone number listed in the message.Fri, 09 May 2008 00:00:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=54 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=58 The Adobe Flash Player contains vulnerabilities that allow an attacker to use a maliciously crafted SWF file to take complete control over a vulnerable system.Wed, 09 Apr 2008 09:25:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=58 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=57 The IT Security Office has received reports of phishing e-mails purporting to come from helpdesk@ku.edu or "KU.EDU SUPPORT TEAM"Mon, 07 Apr 2008 12:00:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=57 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=56 Apple Security Update 2008-002 contains critical updates for multiple vulnerabilities in the Mac OS X and Mac OS X Server operating systems as well as software packages installed on those systems.Wed, 19 Mar 2008 14:35:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=56 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=55 Members of the University community have reported e-mails containing death threats to the IT Security OfficeWed, 27 Feb 2008 10:43:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=55 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=53 Apple QuickTime contains a stack buffer overflow vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service condition.Tue, 27 Nov 2007 00:00:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=53 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=52 A malicious Trojan Horse has been found on several web sites, claiming to install a video codec necessary to view free videos on Mac OS X computers.Thu, 01 Nov 2007 00:00:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=52 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=51 A bogus email is circulating that says it is from the Federal Trade Commission, referencing a "complaint" filed with the FTC against the email?s recipient.Wed, 31 Oct 2007 00:00:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=51 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=50 ITSO has received reports that identity thieves are using phishing e-mails to entice users to dial a US-based telephone number and provide sensitive personal information due to "irregular activity" on a bank account.Mon, 29 Oct 2007 00:00:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=50 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=49 RealPlayer is vulnerable to a stack-based buffer-overflow vulnerability involving an ActiveX object in the RealPlayer component ierpplug.dll.Tue, 23 Oct 2007 10:25:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=49 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=48 Adobe has acknowledged a flaw involving mailto: links in Acrobat Reader and has released a workaround. Fri, 12 Oct 2007 00:00:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=48 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=47 The Novell client is vulnerable to multiple buffer-overflow exploits. The application fails to bounds check user supplied data before copying it into a buffer that is too small.Wed, 05 Sep 2007 00:00:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=47 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=46 A new mutation of the Storm worm is sending messages claiming to be "new member/new user" e-mails from various websites, clubs, message boards, etc.Tue, 21 Aug 2007 00:00:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=46 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=45 Certain versions of BIND 9 that are being used in a caching server configuration are vulnerabile to a cache poisoning exploit.Thu, 26 Jul 2007 00:00:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=45 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=44 Phishers are sending messages that appear to come from the IRS in an attempt to convince users to provide bank account numbers and other personal information.Mon, 16 Jul 2007 00:00:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=44 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=43 The IT Security Office is receiving a large volume of reports of fake e-mail messages that contain links to malicious payloads. Some appear to be from Microsoft while others claim to be a postcard from a friend.Thu, 28 Jun 2007 12:17:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=43 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=42 Remote exploitation of an input validation error allows malicious users to create an account with admin privileges.Wed, 13 Jun 2007 09:45:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=42 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=41 The "hit-highlighting" feature in IIS 5.0 can allow unauthenticated users access to documents to which they would not normally be allowed access.Mon, 04 Jun 2007 14:00:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=41 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=40 Phishers are registering domain names in order to steal from people wishing to donate to the victims of the shootings at Virginia TechWed, 18 Apr 2007 09:40:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=40 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=39 Remote exploitation of a buffer overflow vulnerability in McAfee's VirusScan Antivirus application allows attackers to disable the On-Access scanner or potentially execute arbitrary code with SYSTEM privileges.Wed, 18 Apr 2007 00:00:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=39 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=38 A buffer overflow in the the Remote Procedure Call (RPC) management interface used by the Microsoft Windows Domain Name Service (DNS) service is actively being exploited. This vulnerability may allow a remote attacker to execute arbitrary code with SYSTEM privileges.Mon, 16 Apr 2007 15:03:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=38 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=37 An unpatched buffer overflow vulnerability in the way Microsoft Windows handles animated cursor files is actively being exploited.Mon, 02 Apr 2007 13:04:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=37 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=36 Spoofed e-mail messages from "admin@microsoft.com" contain a malicious payloadFri, 30 Mar 2007 00:00:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=36 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=35 Fraudulent Dell order confirmation e-mails contain links to malicious code.Fri, 23 Mar 2007 12:52:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=35 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=34 Approximately half of all router owners have not changed the default password on their equipment.Tue, 20 Feb 2007 16:22:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=34 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=33 KU has released new Sophos Anti-Virus clients for Windows and MacOSx platformsTue, 16 Jan 2007 10:25:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=33 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=31 Vulnerability in Server Service Could Allow Remote Code Execution (Microsoft Security Bulletin MS06-040) Thu, 10 Aug 2006 11:28:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=31 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=30 The popular Adobe Acrobat PDF Reader has been shown to have a serious security vulnerabilityTue, 18 Jul 2006 16:10:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=30 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=29 Apple has released a patch to address a number of security issues in various Apple products.Fri, 12 May 2006 12:00:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=29 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=28 Latest email virus alert uses ZIP file attachments and may mention CIA and/or FBI as sourceMon, 21 Nov 2005 16:30:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=28 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=27 Exploits are in the wild for recently released Microsoft Windows OS patches.Mon, 17 Oct 2005 08:45:12 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=27 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=26 Multiple fake donation websites and email scams are popping up that take advantage of people seeking to donate money to Hurricane Katrina relief. Thu, 01 Sep 2005 07:49:42 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=26 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=22 Users may be prompted to change their passwords. Passwords will be audited to ensure compliance with the new Password Policy as well as being of sufficient strength. On Sept 15th 2005 access to resources using non-strong passwords will be disallowed and redirection to the password change page will occur. Tue, 30 Aug 2005 11:12:10 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=22 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=24 Virus writers have created a worm that spreads using a Microsoft Plug-and-Play vulnerability disclosed only last week.Mon, 15 Aug 2005 08:12:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=24 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=21 New variants of the Sober virus send enormous amounts of email messages in German.Mon, 16 May 2005 10:10:32 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=21 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=20 Microsoft has released a series of patches for the April 2005 patch cycle. Many are critical and must be applied to maintain a secure computer.Tue, 12 Apr 2005 07:12:12 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=20 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=18 F-Secure detects more than 200 instant messaging worms, 700 IM trojansThu, 17 Mar 2005 16:17:10 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=18 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=17 The makers of the popular Firefox browser have released an important update to the Firefox web browser.Sun, 06 Mar 2005 14:43:15 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=17 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=15 Microsoft Windows contains multiple vulnerabilities in the way that it handles cursor and icon files. Exploit is in the wild.Thu, 13 Jan 2005 11:22:32 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=15 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=14 Starting on January 3rd, Service Pack 2 will be enabled on the central campus SUS Server (Yardbird) and will be automatically installed on machines that are set to point to Yardbird for operating system updatesThu, 30 Dec 2004 15:31:19 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=14 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=13 Apple has issued a security update for Mac OS X, which fixes various vulnerabilities.Thu, 09 Dec 2004 11:16:32 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=13 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=12 Issue with Sun's Java Virtual Machine (VM) in versions less than 1.4.2_06 that allows access, via JavaScript, to portions of a browser's Java plug-in that should NOT be available to untrusted appletsWed, 24 Nov 2004 10:49:01 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=12 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=11 New virus imitates Paypal or personal email.Tue, 09 Nov 2004 11:33:00 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=11 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=10 Email scams are increasing at an alarming rateSat, 30 Oct 2004 19:21:02 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=10 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=9 A new variant of the Bagle email worm is spreading rapidly across the internet todaySat, 30 Oct 2004 05:12:12 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=9 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=8 Microsoft has released security updates for a number of products, including Windows, Internet Explorer, and ExcelTue, 12 Oct 2004 19:15:10 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=8 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=4 Several vulnerabilities exist in the Mozilla web browser and derived products, the most serious of which could allow a remote attacker to execute arbitrary code on an affected system.Mon, 04 Oct 2004 20:05:12 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=4 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=5 A vulnerability in the AOL Instant Messenger (AIM) client could allow a remote attacker to execute arbitrary code on a victim systemMon, 20 Sep 2004 12:12:51 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=5 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=3 Microsoft's Graphic Device Interface Plus (GDI+) contains a vulnerability in the processing of JPEG images. This vulnerability may allow attackers to remotely execute arbitrary code on the affected system.Thu, 16 Sep 2004 05:10:12 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=3 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=2 There have been a number of advanced variants of the GAOBOT/AGOBOT/PHATBOT worm released into the wild in the past weeks. We have seen a significant increase in IRC traffic and RPC scans from on campus hosts.Sat, 28 Aug 2004 10:03:14 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=2 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=1 We are receiving reports of a possible massive attack on the Internet tomorrowWed, 25 Aug 2004 12:55:39 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=1 http://www.security.ku.edu/alerts/alert-viewer.jsp?id=6 Microsoft Internet Explorer contains three vulnerabilities that may allow arbitrary code to be executedSun, 01 Aug 2004 12:42:19 CDT http://www.security.ku.edu/alerts/alert-viewer.jsp?id=6