Internal | Computer Announcements
Posted: 01/04/2008
Dear Chemistry Department,
There is a computer virus roaming in the department which will turn your machine into a spamming “zombie”. It has affected 4 computers in the past month. I caution everyone to be very careful about opening emails during the next few weeks. Make sure the email you are receiving is an email you were expecting. Most of the time the effects of this virus are a total computer software reload.
Thanks,
Kris Takach
Systems Administrator
Department of Chemistry
Posted: 11/29/2006
Symantec AntiVirus Worm Exploit
Chemistry Department:
I am writing to inform you that a new computer worm has been reported on the Internet that exploits a critical vulnerability in earlier, outdated versions of Symantec AntiVirus. Any University Microsoft Windows workstation not using the latest version of Symantec AntiVirus is potentially susceptible to this worm. It is recommended that all students, faculty, and staff who are using Symantec AntiVirus version 10.0.x or earlier for Microsoft Windows immediately download, uninstall the previous Symantec AntiVirus and install the latest version at no cost at
To determine which version of Symantec AntiVirus you are using, double click the Symantec shield icon located in the lower right hand corner of your screen. In the Program Versions box, look for Program: 10.1.x.x to confirm that you are using the latest version.
If you are using an older version of Symantec AntiVirus, log in to the
This vulnerability affects earlier, outdated versions of Symantec AntiVirus, which allow this new computer worm to exploit the vulnerability. Once the worm infects a workstation, it loads spyware and other malware onto the computer. Any workstation that has been infected by the worm must be immediately removed from the University network (PittNet) and fully rebuilt before being returned to the network.
Thanks,
Kris Takach
Systems Administrator
Department of Chemistry
219 Parkman Ave.
Pittsburgh, PA 15260
Email: chemhelp@pitt.edu
Posted: 08/10/2006
Critical Windows Update
Chemistry Deparatment:
I am writing to inform you that the Department of Homeland Security (DHS) has issued an alert
The DHS alert urges Windows users to avoid delay in applying this security patch, as exploits---including a computer worm that takes advantage of the vulnerability---are expected shortly.
This security patch is designed to protect against a vulnerability that could allow an attacker who successfully exploits it to perform a number of actions, including gaining complete control of an affected computer and executing arbitrary code.
To update your system goto windowsupdate.microsoft.com
Thanks,
Kris Takach
Systems Admin
Chemistry Department
Posted: 08/07/2006
Apple OSx Security Updates
Chemistry Department:
I am writing to inform you that Apple Computer, Inc. has announced critical new security vulnerabilities affecting Mac OS X v10.3.9 and v10.4.7 and Mac OS X Server v10.3.9 and v10.4.7.
Apple recommends that users immediately obtain and install the necessary security updates for their computers. The updates are available only for Mac OS X versions 10.3.9 and 10.4.7.
If the required updates are not installed, these vulnerabilities could allow an attacker who successfully exploits them to bypass security restrictions and to perform a number of actions, including gaining control of an affected computer and executing arbitrary code, or enabling a malicious application to read and write local files on a user's system.
It is recommended that all Mac OS X users install the required security updates provided by Apple in Security Update 2006-004. This update is available from Apple?s Web site
Posted: 05/23/2006
Yahoo IM worm hijacks Internet Explorer homepage
Chemistry Department:
Users of Yahoo Instant Messenger are under threat from a worm that hijacks their Internet Explorer homepage and leads them to a site that puts spyware on their PCs. Researchers at anti-malware firm FaceTime Security Labs, who identified the threat, say that the yhoo32.explr worm puts its own browser called Safety Browser on their PCs, the first recorded incidence of malware installing its own web browser on a PC without the user's permission.
The worm propagates by inserting a link into existing Messenger conversations on an infected PC. When an infected user initiates or joins a conversation, a link is inserted at random points in the conversation.
Please watch what you click on when using IM's. Make sure that the sender intended you to click on the link.
Thanks,
Kris Takach
Systems Administrator
Posted: 05/17/2006
QuickTime Application Vulnerabilities Affect Mac OS X and Microsoft Windows
Chemistry Department:
I am writing to inform you that Apple Computer, Inc. has announced critical new security vulnerabilities affecting Mac OS X and Microsoft Windows systems that use Apple QuickTime. Apple recommends that users immediately download and install the QuickTime 7.1 to address these vulnerabilities.
If the required update is not installed, these vulnerabilities could allow an attacker who successfully exploits them to bypass security restrictions and enable a malicious application to read and write local files on a user's system. These vulnerabilities affect Mac OS X v10.3.9 and later, Microsoft Windows XP, and Microsoft Windows 2000.
CSSD recommends that all QuickTime users install the required security updates provided by Apple in QuickTime 7.1. This update is available from Apple?s Web site at http://www.apple.com/support/downloads/
Posted: 05/17/2006
New Vulnerabilities Affects Mac OS X and Mac OS X Server
Chemistry Department:
I am writing to inform you that Apple Computer, Inc. has announced critical new security vulnerabilities affecting Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.6, and Mac OS X Server v10.4.6. Apple recommends that users immediately obtain and install the necessary security updates for their computers.
If the required updates are not installed, these vulnerabilities could allow an attacker who successfully exploits them to bypass security restrictions and to perform a number of actions, including gaining control of an affected computer and executing arbitrary code, or enabling a malicious application to read and write local files on a user's system.
It is recommended that all Mac OS X users install the required security updates provided by Apple in Security Update 2006-003. Direction are available from Apple?s Web site http://docs.info.apple.com/article.html?artnum=106704
Posted: 05/10/2006
Microsoft Windows Updates
Dear Chemistry Department,
Microsoft Windows has critical updates available. To install these updates, please go to windowsupdate.microsoft.com.
Kris Takach
Posted: 04/12/2006
10 New Windows Patches
Dear Chemistry Department,
Update Microsoft on Tuesday released a "critical" Internet Explorer update that fixes 10 vulnerabilities in the Web browser, including a high-profile bug that is already being used in cyberattacks.
Please go to windowsupdate.microsoft.com to get these updates.
Thanks,
Kris Takach
Chemistry Department
Systems Admin
Posted: 09/12/2005
Firefox Web Browser security error
Dear Chemistry Department,
Responding to the disclosure of a serious Web browser flaw, the Mozilla Foundation offered on Friday a temporary fix to protect Firefox and Mozilla users.
To install the security patch for Firefox or the Mozilla Suite, follow these instructions:
- Firefox and Mozilla Suite users copy and paste this link into your browser: http://ftp.mozilla.org/pub/mozilla.org/firefox/releases/1.0.6/patches/307259.xpi
- In the Software Installation window, click the "Install Now" button.
- Exit and restart your Mozilla or Firefox browser.
To verify the fix in Firefox and the Mozilla Suite, be sure to restart the browser and then follow these steps:
- In Firefox Click Help -> About Mozilla Firefox and verify that the user agent string contains "(noIDN)"
- In the Mozilla Suite Click Help -> About Mozilla and verify that the user agent string contains "(noIDN)"
The problem has to do with the way the Firefox and Mozilla browsers handle International Domain Names, or IDNs, said Mike Schroepfer, director of engineering at Mozilla. IDNs are domain names that use local language characters. The fix disables support for such Web addresses, he said.
Thanks,
Kris Takach
Systems Administrator
Chemistry Department
Posted: 09/02/2005
Flaw in Windows XP and 2003 server
Dear Chemistry Department:
CNET News.com reports that A flaw in Windows Firewall may prevent users from seeing all the open network ports on a Windows XP with service pack 2 or Windows Server 2003 computer.
The bug could allow a firewall port to be open without the user being informed through the standard Windows Firewall user interface, according to the Microsoft advisory.
Microsoft said the firewall issue is not a security vulnerability but said the flaw could be used by an attacker who already compromised a system in an attempt to hide exceptions in the firewall.
To fix this please copy and paste the following web address in your browser and download the update: http://www.microsoft.com/downloads/details.aspx?FamilyId=478FD24B-B2C4-4207-B1B9-1C988698C888
Posted: 08/25/2005
MSN IM Worm
Dear Chemistry Department,
For those of you who use MSN Instant Messenger, a new MSN Messenger worm often talks to people in their own tongue as it hunts for new victims, security experts have warned.
The worm, dubbed Kelvir.HI, appears to check which language the Windows client is configured to use.
When it hits an English system, the worm sends out the following message: "haha i found your picture!" The message is sent to everybody on a user's contacts list. The message includes a Web link that when clicked on will download malicious software that installs a backdoor and furthers the spread of the worm.
As always, be careful what you click on.
Posted: 08/22/2005
Adobe Acrobat security patch
To all Adobe Acrobat users,
Users of the ultra-popular Adobe Reader and Acrobat applications should patch the software pronto to plug a highly critical vulnerability that could let attackers crash systems and inject malicious code into PCs and Macs.
According to Adobe, the buffer overflow vulnerability lies within an unnamed core application plug-in that's part of both Acrobat and the free Reader. An attacker who creates a malicious PDF file and tricks a user into opening it could crash the app, and perhaps execute additional code to grab control of the machine.
How to perform the adobe update:
1) Open the adobe program
2) Click on HELP on the top toolbar
3) Click on UPDATES
4) Add all the updates the click UPDATE.
If you have any questions or problems please let me know.
Thanks,
Kris Takach
Posted: 07/29/2005
Overview of security and making a more secure MAC With OSX
Dear Chemistry Department:
I know I do not provide you with much information about Macintosh computering but I just want you to know I am trying to make a greater effort to include the Macintosh users. Here is an article about securing a MAC with OSX.
Thanks to several built-in security features, Mac OS X is pretty much secure right out of the box. Of course, there are always additional security practices you can incorporate. Mike Mullins details OS X's built-in security features and suggests three things you can do to secure your Mac even more.
With its foundation deeply buried in UNIX, the Mac OS X system is incredibly secure. Even out of the box, this system comes to you in a very secure state.
The default features included in the Mac make it an excellent choice for users worried about hackers and viruses. Let's take a look at some of OS X's built-in features that make this system so secure out of the box.
- It has a secure default configuration: By default, OS X closes all of the communication ports, and it disables all native services, including personal file sharing, Windows file sharing, personal Web sharing, remote login, FTP access, remote Apple events, and printer sharing.
- It includes a personal firewall: Enabling OS X's personal firewall denies all inbound connections except for those you specifically allow. Unlike other personal firewalls, you must explicitly identify the traffic you want to allow the first time you turn on the firewall. In addition, the firewall includes a Stealth Mode setting, which won't acknowledge the system's existence to would-be hackers looking for machines to attack.
- It automatically updates the machine: This feature allows your Mac to download software updates and security patches automatically. In addition, Apple digitally signs its updates, so you can be sure they come from a trusted source.
- It features FileVault encryption: FileVault protects the data on your machine using AES-128 encryption, rather than the weaker Data Encryption Standard X (DESX) algorithm used by the Windows Encrypting File System (EFS).
- It offers a secure Keychain: The Keychain automatically stores all password information to use encrypted disk images and to log onto file servers, FTP servers, and Web servers. This feature enables you to create and use complex passwords without writing them down or trying to remember them.
- It includes a permanent deletion feature: When you delete a file or folder, the Secure Erase Trash feature immediately overwrites the file with invalid information, making the file disappear completely and removing the possibility of recovering the data.
Of course, it's important to remember that even with all of these native security features, nothing is secure until you've verified it?and incorporated some security best practices. The following three best practices are the most common security recommendations within the overall UNIX community. You can accomplish all three tasks via the System Preferences dialog box.
- Create an additional non-administrative account for daily use: Remember: Admin or root accounts are for tasks?not browsing the network and reading e-mail.
- Use the OS X screensaver with a password: This habit ensures that your machine remains inaccessible whenever you're away from the keyboard.
- Turn on network time synchronization: If you plan to maintain and use log files (and Macs log a lot of information), this step makes sure the timestamp in the system logs is accurate.
Final thoughts
While OS X is secure out of the box, you should still take some time and browse through its different features. Make sure to verify that the level of security is consistent with your needs.
Posted: 05/13/2005
For Firefox Web Browser Users
Hello everyone:
If you currently use the Firefox web browser, please take note that due to serious security flaws they have released an updated version of Firefox. You can find it available at downloads.com. Just type Firefox in the SEARCH box. Then click on the green arrow that states DOWNLOAD NOW. You can tell it to just RUN. Click on RUN again. Then follow the instructions.
Thanks,
Kristofer Takach
Systems Administrator
Chemistry Department
Posted: 05/11/2005
Microsoft Windows 2000 and XP users Virus tool remover
Chemistry Department:
To aid you in any clean-up efforts, Microsoft has released the Malicious Software Removal Tool, which you can access from Microsoft's Web site. This tool scans for and removes software associated with a number of threats, including Bagle, Blaster, Mimail, Mydoom, Netsky, Sober, and more.
Microsoft updates the tool each month when it releases its security bulletin on the second Tuesday of the month. Thanks to this monthly update, you can take steps to clean your systems of all common, removable threats, even if they've just recently surfaced.
The Malicious Software Removal Tool works on computers running Windows XP, Windows 2000, and Windows Server 2003. After you've run the tool, you'll get a report that outlines what the tool found and removed from your system.
You have two options for using this tool. You can run it from Microsoft's Web site by copying the following address in your web browser: http://www.microsoft.com/security/malwareremove/default.mspx and the tool will delete itself after running. Or, you can also download an installable version of the Malicious Software Removal Tool from Microsoft's Web site by copying this into your web browser: http://www.microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en.
The following link has been posted on the chemistry website which contains useful information about spyware and can be accessed by copying the following link into your web browser: http://www.chem.pitt.edu/service/computer_help.asp
Posted: 05/11/2005
Lecture Hall PC's now have XP
Faculty:
Lecture Halls 12 and 12A computers have been reloaded with Windows XP in a effort to try to remain up to date. I have also installed the following software:
- Chem Office
- Microsoft Office
- I tunes
- Quicktime
- Cache
- Adobe Acrobat
- Chime
If there are any other software packages you need to be available to you please let me know ASAP. Thanks.
Posted: 05/03/2005
Computer Worm in Chevron
Hello all:
There was a computer in the chemistry department with a worm on it. It has been trying to attack computers in the chemistry department by way of an open port 445. Please run your anti-virus as soon as possible to try and prevent this worm from attacking your computer.
Thanks
Posted: 05/02/2005
Chemistry Web Site due to be down
Due to the upgrading of the Eberly Research Power Generator, the chemistry web site will be off-line from approximately 8:30am till 10am. So please do not be alarmed if you can not reach the web site during this time. Thank you all for your cooperation.
Kris Takach
Systems Administrator
Chemistry Department
Posted: 04/26/2005
Update your virus protection immediately
It would be advised to update your anti-virus as soon as possible. Security experts said Tuesday that the worm, dubbed Sober.M, reports e-mail addresses of victims back to its anonymous author--a technique known as harvesting. Spammers typically buy these fresh addresses to add to their lists of e-mail recipients.
The e-mail containing the worm is written in bad English with the subject line: "I've got your e-mail on my account."
This is what the email would look like:
Subject line: I've_got your E-mail on my_account!
Message text:
Hello,
First, Very Sorry for my bad English.
Someone is sending your private e-mails on my address.
It's probably an e-mail provider error!
At time, I've got over 10 mails on my account, but the recipient are you. I have copied all the mail text in the windows text-editor for you & zipped then. Make sure, that this mails don't come in my mail-box again. bye
Attached file: your_text.zip
Thanks,
Kris Takach
Systems Administrator
Chemistry Department
Posted: 04/18/2005
Microsoft Updates
Chemistry Department:
This is an important message to those of us who use Microsoft Windows Operating Systems. I have recently visited Microsoft?s Windows Update web site and found some important security updates that needed to be installed. Sometimes Microsoft Windows Automatic Update does not always download all of the possible updates to us. I will inform you when there is an important update to the Operating System. When this occurs we have to go directly to Microsoft Windows Update Site and download the Security updates manually. To do that simply type into your web browser windowsupdate.microsoft.com (Do not type www). From there, you can either select Express Install to have Microsoft download all of the updates or you can select Custom Install to choose which updates you want to download onto your computer. After you select which updates you want to install click the Install button. Sometimes you will be prompted to Restart your computer after the update(s). If you have trouble finding or installing these files, feel free to call me.
Two of the important updates recently were:
Windows Malicious Software Removal Tool - This tool runs once to check your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and automatically helps remove any variants found. After it runs, the tool is deleted from your computer. A new tool will be available every month.
Security Update for Internet Explorer with Service Pack 2 - A security issue has been identified that could allow an attacker to compromise a computer running Microsoft Internet Explorer and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
Posted: 11/01/2004
Many of us are familiar with the free version of Ad-Aware, which removes unwanted adware and spyware that lands on your PC. The professional version offers Ad-Watch, which gives you real-time protection for malware and parasites that try to install on or modify your system. SE Professional also includes Process-Watch, which lets you analyze all the processes and associated modules running on your machine.
This latest version has new command-line parameters that allow for silent and automated operation. It also has a new results screen, improved logging and reporting, and a new safety option that allows you to write-protect sensitive system files.
To download Ad-Aware for Windows computers, open a Web browser to software.pitt.edu, click the Connect button, and log on with your University Computer Account username and password. Select Lavasoft from the Vendors menu and then click Search this site. On the next screen, click the Ad-Aware link to download the file.
Posted: 10/07/2002
BugBear Threat
Please refer to Symantec Security Response website for any questions about the latest threat.
Norton Anti-Virus is the site licensed product we use from Symantec Corp. The latest virus definitions which include protection from the latest threats are dated 10/02/02. Please check Norton AV and make sure you have LiveUpdate turned on, AutoProtect and Email Scanning turned on. You should also have a virus definition dated 10/02/2002.
If you have any questions please feel free to contact me:
or
x48589
Thank you!
-Lance
Posted: 07/11/2002
W97M.Zacry.A@mm is a Microsoft Word macro virus. It spreads by infecting the global template, Normal.dot, and the currently active document. Also, it attempts to replicate itself to all contacts in the Microsoft Windows Address Book using Microsoft Outlook. The e-mail message will have the following characteristics:
Subject: Re: Send to me
Body: It's your document
Attachment: [A Word document, infected with W97M.Zacry.A@mm]
For more information visit:http://securityresponse.symantec.com/avcenter/venc/data/w97m.zacry.a@mm.html
Posted: 01/24/2002
Simple way to create your own web pages?
The web page template generator is designed to help the novice web page designer create professional looking web pages quickly, easily and without expense. There are sixty?three predefined navigation buttons and four colors available, purple, green, gold and orange.
The requirements are basic. To create a standard web page, such as this one, all you will need is a PC or Mac with a 4.0 or higher web browser (Internet Explorer is recommended), your favorite HTML/Text editor (such as TextPad or Word) and WinZip, Stuffit Expander or similar programs to unzip files. Advanced features that allow you to create original navigation buttons require Photoshop 5.5 or higher.
The template generator is located at http://template.provost.pitt.edu. To acquire a manual and a username and password to access the template generator, contact Carrie Sparks at sparks@provost.pitt.edu
Posted: 09/25/2001
Please be aware of a new virus asking you to vote about America going to war. If you get any emails with the subject line of:
Subject: Fwd:Peace BeTweeN AmeriCa and IsLaM!
DO NOT open it. Delete it right away.
If you wish to read more about it here are two links:
http://securityresponse.symantec.com/avcenter/venc/data/w32.vote.a@mm.html
http://www.mcafee.com/anti-virus/viruses/vote/default.asp?cid=2464
Posted: 09/20/2001
A new Internet worm is loose and it can infect ALL Windows based PC's The virus is called W32.Nimda. Details can be found at the following URL: http://www.computerworld.com/storyba/0,4125,NAV47_STO63992,00.html.
Below is a detailed list of way to protect your PC's from this virus.
In short:
- Use Netscape with Javascript turned off.
- Do not open any attachments with "readme.exe" or "readme.eml".
- If you must use Internet Explorer please have the latest security patch applied (service release 2 for IE 5.0 and 5.5) and turn off Javascript and disable Active Scripting in IE.
- Update your anti-virus definitions.
If you are running IIS see the information elsewhere to safeguard you machine.
If you become infected, please remove your PC from the network as it try to infect other PC's. There is no current tool to remove this virus. If you have any questions, need help or become infected please feel free to contact Ron Zulick.
Posted: 08/16/2001
Posted: 08/03/2001
A tip for printing PDF files suggested by Prof. Cohen - For pages that refuse to print try selecting "print as image" instead of "print as postscript". This is slower, but more reliable.
Posted: 07/22/2001
A new virus - "Sircam" - is an executable file that arrives via e-mail and propagates by sending itself to everyone in the victim's e-mail address book.
Posted: 05/20/2001
Norton AntiVirus Software Replaces McAfee Effective May 31, 2001. For more information click here
.