IS Services Desk Announcements

[For Information] - Remedy - Planned Outage - 13 November 10:30pm - 15 November 6:00pm

2009-11-06

To Remedy Users,

Information Technology Services advise that Remedy will be unavailable from 10:30 p.m. on Friday, 13th November 2009 to 6.00 p.m. on Sunday, 15th November 2009.

Access to Remedy will not be available during this period. Please note that users will still be able to log incident requests through the online forms at [http://servicedesk.unimelb.edu.au]

Two changes are planned during this outage:

1. Remedy Knowledge Management will be upgraded to version 7.2 - This version provides improved stability and performance without any major changes to the interface and functionality of Remedy Knowledge Management.

2. SSL security will be implemented on the Remedy web interface and Remedy Knowledge Management web interface. Redirections are in place for the main pages, but if you have bookmarked the login page you may need to use the links from the following page to update your bookmarks:
[http://www.infodiv.unimelb.edu.au/remedy]

If you have any feedback on these changes, please contact the Remedy Service Delivery Manager, Simon Abbott sjabbott@unimelb.edu.au

[For Information] - Software Vendor Roadshow 2009 - General Notification

2009-11-05

To IT Managers and Lites,

ADOBE, VMware, Symantec and Microsoft will presenting the latest updates at The University of Melbourne.

Session details and times can be located:

[http://www.infodiv.unimelb.edu.au/itpl/licensing/SoftwareVendor2009.html]

[Important] - IT Security Services - Email with malicious attachment received in the University

2009-11-05

To Email users,

ITSS-Advisory : Medium : Email with malicious file attached

It would be appreciated if this information can be communicated
to students and staff through appropriate means, such as notice
boards or linked through web information services.
The web address of this article is:
[http://www.infodiv.unimelb.edu.au/it-security/05-11-2009.html]

THREAT LEVEL
============
Medium.

INFORMATION
===========
An email with a malicious file attached has been received in the University.
The email has the following characteristics:

From: Comcover Gov
Subject: Nonrefundable loan approved for your company!

McAfee antivirus with DAT version 5791 (and later) is able to detect and
delete the malicious file attachment.

ACTION
======
Please advise all users to permanently delete the email.

[Important] - IT Security Services - Java SE 6 Update 17 released

2009-11-04

To Administrators of computers running Java,

ITSS-Advisory : MEDIUM : Sun : Java : Java SE 6 Update 17 released

It would be appreciated if this information can be communicated
to students and staff through appropriate means, such as notice
boards or linked through web information services.
The web address of this article is:
[http://www.infodiv.unimelb.edu.au/it-security/1-04-11-2009.html]

THREAT LEVEL
============
Medium.

INFORMATION
===========
Sun has released Java SE 6 Update 17. This version fixes a number of
vulnerabilities, impacts include denial of service and arbitrary code
execution. More information is available at:
[http://java.sun.com/javase/6/webnotes/6u17.html]

AFFECTED PLATFORMS
==================
Computer of various platforms running Java versions earlier than
Java SE 6 Update 17.

ACTION
======
Administrators of affected computers are advised to review the
bulletin, test and apply relevant updates.

Links to download Java are available at:
[http://www.java.com]

[Important] - ITSS-Advisory : Microsoft : Internet Explorer - IT Security Notification

2009-11-04

To Users and administrators of systems with Internet Explorer installed,

ITSS-Advisory : Medium : Microsoft : UPDATED ALERT Internet Explorer

It would be appreciated if this information can be communicated to students and staff through appropriate means, such as notice boards or linked through web information services.

The web address of this article is: [http://www.infodiv.unimelb.edu.au/it-security 04-11-2009-02.html]

THREAT LEVEL
============
Medium

INFORMATION
===========
Product: Internet Explorer
Publisher: Microsoft

Resolution: Patch/Upgrade

AFFECTED PLATFORMS
==================
Operating System: Windows 2000
Windows XP
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7

IMPACT
======
Microsoft have released an update to MS09-054 to correct a number of issues that occur after applying the original patch. Users who have installed the original patch will need to apply the latest update available from:

[http://support.microsoft.com/kb/976749]

Revision History:
November 3 2009: Added a comment on the required update to the original patch
October 14 2009: Initial Release Relevant vulnerable releases:

Internet Explorer 5.01 Service Pack 4 when installed on Microsoft Windows 2000 Service Pack 4

Internet Explorer 6 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4

Internet Explorer 6 for Windows XP Service Pack 2 and Windows XP Service Pack 3

Internet Explorer 6 for Windows XP Professional x64 Edition Service Pack 2

Internet Explorer 6 for Windows Server 2003 Service Pack 2

Internet Explorer 6 for Windows Server 2003 x64 Edition Service Pack 2

Internet Explorer 6 for Windows Server 2003 with SP2 for Itanium-based Systems

Internet Explorer 7 for Windows XP Service Pack 2 and Windows XP Service Pack 3

Internet Explorer 7 for Windows XP Professional x64 Edition Service Pack 2

Internet Explorer 7 for Windows Server 2003 Service Pack 2

Internet Explorer 7 for Windows Server 2003 x64 Edition Service Pack 2

Internet Explorer 7 for Windows Server 2003 with SP2 for Itanium-based Systems

Internet Explorer 7 in Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2

Internet Explorer 7 in Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2

Internet Explorer 7 in Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2 (Windows Server 2008 Server Core installation not affected)

Internet Explorer 7 in Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2 (Windows Server 2008 Server Core installation not affected)

Internet Explorer 7 in Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2

Internet Explorer 8 for Windows XP Service Pack 2 and Windows XP Service Pack 3

Internet Explorer 8 for Windows XP Professional x64 Edition Service Pack 2

Internet Explorer 8 for Windows Server 2003 Service Pack 2

Internet Explorer 8 for Windows Server 2003 x64 Edition Service Pack 2

Internet Explorer 8 in Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service
Pack 2

Internet Explorer 8 in Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2

Internet Explorer 8 in Windows Server 2008 for 32-bit Systems and Windows Server 2008 for
32-bit Systems Service Pack 2 (Windows Server 2008 Server Core installation not affected)

Internet Explorer 8 in Windows Server 2008 for x64-based Systems and Windows Server 2008
for x64-based Systems Service Pack 2 (Windows Server 2008 Server Core installation not affected)

Internet Explorer 8 in Windows 7 for 32-bit Systems

Internet Explorer 8 in Windows 7 for x64-based Systems

Internet Explorer 8 in Windows Server 2008 R2 for x64-based Systems (Windows Server 2008 R2 Server Core installation not affected)

Internet Explorer 8 in Windows Server 2008 R2 for Itanium-based Systems

Vulnerability Information
=========================

Data Stream Header Corruption Vulnerability - CVE-2009-1547

A remote code execution vulnerability exists in the way that Internet Explorer processes data stream headers in specific situations. An attacker could exploit the vulnerability by constructing a specially crafted Web page.

When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

HTML Component Handling Vulnerability - CVE-2009-2529

A remote code execution vulnerability exists in the way that Internet Explorer handles argument validation of a variable in specific situations. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Uninitialized Memory Corruption Vulnerability - CVE-2009-2530

A remote code execution vulnerability exists in the way Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Uninitialized Memory Corruption Vulnerability - CVE-2009-2531

A remote code execution vulnerability exists in the way Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

MITIGATION
==========
Users who have installed the original patch will need to apply the latest update available from:

[http://support.microsoft.com/kb/976749]
Or via Microsoft Windows update

REFERENCES
=========
Original Bulletin:
[http://www.microsoft.com/technet/security/bulletin/ms09-054.mspx]

[Important] - IT Security Services - Adobe Shockwave Player - new version released

2009-11-04

To Administrators of computers running Adobe Shockwave Player,

ITSS-Advisory : MEDIUM : Adobe : Shockwave Player : Version 11.5.2.602 released

It would be appreciated if this information can be communicated
to students and staff through appropriate means, such as notice
boards or linked through web information services.
The web address of this article is:
[http://www.infodiv.unimelb.edu.au/it-security/04-11-2009.html]

THREAT LEVEL
============
Medium.

INFORMATION
===========
On 03 Nov 2009, Adobe released Shockwave Player 11.5.2.602. This version fixes
a number of vulnerabilities, impacts include denial of service and arbitrary code
execution. More information is available at:
http://www.adobe.com/support/security/bulletins/apsb09-16.html

AFFECTED PLATFORMS
==================
Computers of various operating systems running Adobe Shockwave Player versions
11.5.1.601 and earlier.

ACTION
======
Administrators of affected computers are advised to review the bulletin, test and
apply relevant updates.

Links to download Shockwave Player are available at:
[http://get.adobe.com/shockwave/]

[Important] - ITS Procurement - General Notification

2009-11-03

To All University Staff,

Please check ITS Procurement website http://www.infodiv.unimelb.edu.au/itpl/purchase/departments.html for interim arrangements - for the purchase of Desktops and Laptops, effective from 13th of October 2009 until further notice.

[Important] - Themis - Planned Outage - 3:00pm Friday 6 November 2009 to Monday morning 9 November

2009-10-29

To Themis users,

Information Technology Services advise that Themis will be unavailable from 3:00pm Friday 6 November until Monday morning 9 November. We are upgrading Themis to the most recent technology patches.

[For Information] - Account Registration System - Decommission - 2009 - 2010

2009-10-09

To Staff,

Information Technology Services is replacing ARS, our Account Registration System, with a new Identity Management System. The complete replacement of ARS will take place incrementally over the course of 2010. Work will commence in late 2009.

Whilst ARS will continue to be maintained until fully replaced, limited changes or modifications to the retiring ARS system will be undertaken during the replacement period. Currently there are no pending requests for changes to the ARS system, and only critical new work will be considered after 16 October.

Please direct all queries to Terry Brennan, Identity Management Project Manager.

Further information about the Identity and Access Management Project is available at [http://go.unimelb.edu.au/sa6]