|
Welcome to the OIT Security
Website
The security group within
the Office of Information Technology
is responsible for the coordination of a variety of IT Security related
activities. These include:
·
Incident
Management and Response
·
Compliance Coordination
·
Vulnerability
and Threat Assessment
·
Awareness and AUP Enforcement
·
Security Policy Development
|
Debian and Ubuntu OpenSSL Have
Flawed Encryption Key Generation
updated May 16, 2008
Due to a
flaw in the OpenSSL key generation process on Debian or Ubuntu Linux,
unpatched systems may be vulnerable to a variety of attacks including
remote access via SSH. Updates
are available for both versions.
New keys need to be generated after the update. For more information, see: http://www.kb.cert.org/vuls/id/925211
Microsoft Announces May
Vulnerability List
updated May 15, 2008
Microsoft has released
their security updates for May 2008.
This month’s list includes:
- MS08-026 Vulnerabilities in
Microsoft Word Could Allow Remote Code Execution
- MS08-027 Vulnerability in
Microsoft Publisher Could Allow Remote Code Execution
- MS08-028 Vulnerability in
Microsoft Jet Database Engine Could Allow Remote Code Execution
- MS08-029 Vulnerabilities in
Microsoft Malware Protection Engine Could Allow Denial of Service
For
more information, please see:
http://www.microsoft.com/protect/computer/updates/bulletins/200805.mspx
|
