A vulnerability in the Adobe Flash Player software installed on many computers on campus has the potential of allowing a computer to be taken over via an email read (or even previewed) by Outlook. Information Technology Services typically does not interrupt you for software installations and patching, but the severity of this issue requires immediate action.
ITS will be automatically patching Adobe Flash Player on college computers that have outdated versions installed. If you are logged into an affected computer, you may see a Dell KACE pop-up window in the lower right corner of your screen indicating the update is being applied.
There are also updates to Office released December 8th by Microsoft to address this vulnerability. These updates should already have been installed automatically as part of Microsoft Updates. ITS will check the status of these patches. This will slow your computer down for about 15 minutes, and you will see a KACE pop-up if your machine is being patched.
This is a good reminder that we are empowered to maintain software on computers that are assigned specifically to us. Please install all Microsoft, Adobe (and Apple, if you are using a Mac, or Apple software on Windows) patches to keep your computer safe. While there are occasionally problems introduced by patching, their impact is unlikely to be as severe as a virus infection, or the like.
Please contact the helpdesk if you have any questions or concerns about this update. 802-443-2200, firstname.lastname@example.org, or create a ticket at http://go.middlebury.edu/whd (providing us with the “Property of Middlebury College” number of the computer).
Mac users… Are you having the best possible experience with Middfiles? It may be time to update how you connect to Middfiles, as well as create some useful shortcuts!
First, check your connection. In the Finder, click on the Go menu, then click Connect to Server. You should use cifs://middcloud.middlebury.edu/middfiles and remove any “smb” middfiles favorites you may have stored, as shown.
Removing outdated SMB favorite
Now it’s time to create some powerful Sidebar favorites for easy access to your frequently-used folders (see sample below). Sidebar favorite locations are visible in all your programs! Refer to our wiki article for complete details on how to create these favorites & get rid of outdated ones.
Sidebar Favorite Sample
Technical stuff: We use the SMB protocol to connect to Middfiles almost exclusively on campus and the latest revision is CIFS. To use the most current version of SMB you must specify CIFS in your connection. Outdated connections may results in errors when saving to Middfiles or be slower.
It turns out that updating from a very old web browser to a somewhat less old (yet still outdated) web browser is not necessarily as simple as it might be. For more on this, read on* – but the short version of importance to know is:
Almost all public machines recently received an update from Internet Explorer version 8 to version 9. Shortcuts, favorites, plugins and the like have been unaffected in all of our testing beforehand. If you encounter problems or have questions, please pass them on.
*Last year INB was approved to run on Internet Explorer 9, and the group policy that blocks IE9 was removed. As we noticed that computers still were not receiving IE 9 as an update, we found we had a registry entry to modify to undo the group policy block that had been applied. As of that time, anyone running Microsoft Update should receive the IE9 update.
Our computer labs do not run the regular Microsoft Updates, though, since most users do not have administrative privileges on those computers. Dell KACE applies critical Microsoft Updates on a regular basis – but IE9 is no longer in that update list (as it has been replaced by IE10 & IE11). So, a manual installation has also been set up for this purpose.
Apple recently released software updates to iOS, Mac OS 10.7 and higher, as well as for Safari & QuickTime for Windows. These updates address a vulnerability found in Apple’s implementation of SSL (secure sockets layer), a protocol computers use extensively for secure communications online. While we are not aware of any specific information breaches at Middlebury College, and the steps necessary for someone to compromise these secure communications are far from trivial, we should all apply these important security patches to our Apple hardware and Windows computers running Apple software to mitigate these risks. Please check your Apple software for available updates (especially iOS, Mac OS, Safari, and QuickTime updates). Run your updates now and check again after the installation as some may have prerequisites. For more information, links to specific updates for the SSL vulnerability and others are available at http://support.apple.com/kb/HT1222.
While WebPrint is the most convenient way to print that paper from your computer, this service gets bogged down at times with the thousands of print jobs it handles every day. Printing from a lab computer avoids that line and moves you to the printer in a more consistent amount of time. For those of you printing very large documents, we kindly request that you always do this from a lab computer, rather than using WebPrint. By doing so, you will have more options (including being able to print a selected range of pages) and may help someone else get their paper in on time. For more information, see http://go.middlebury.edu/print
There is a class action lawsuit on behalf of owners of Macintosh computers that use MagSafe power adapters. If you own such a computer but have not received a notice about the lawsuit, find more information at https://www.adaptersettlement.com/.
As this relates to power cords with frayed connections, this is an issue that should be taken very seriously. Regardless of manufacturing quality, the helpdesk frequently sees frayed power cords for laptop computers. Here are a few recommendations:
1) put a loop in the cord before winding it up
2) be careful to not leave cords where they will be stepped on, or rolled over by chair wheels
3) if you see exposed wire or stressed wire covering (typically near the ends of the cables), do NOT use the power adapter
Apple recommendations – http://support.apple.com/kb/HT1630 (their advice applies well to many makes and models of power adapters – not just MagSafe adapters)
Have questions? Contact your computer vendor. Or the helpdesk (especially for college-owned equipment).
Cybersecurity as a Shared Responsibility – an Educause webinar in Library 145 Tuesday, October 4th from 1-2pm.
October is National Cyber Security Awareness Month. In this webinar, representatives from the White House, the U.S. Department of Education, and the Higher Education Information Security Council will discuss international and national cybersecurity strategies, the importance of cybersecurity awareness for both citizens and organizations, and the role that higher education plays in addressing cybersecurity challenges in an increasingly interdependent networked society. We will highlight the “Stop, Think, Connect” campaign that is being spearheaded by the National Cyber Security Alliance and the U.S. Department of Homeland Security and will also feature the SANS “Securing the Human” awareness materials that are being used by several institutions this fall in an effort to raise awareness among students, staff, and faculty.
Goal Statement: Centralize student employment/ management/ training/ scheduling or Continue reading