The goal of the Wright State University IT Security website is to provide information for protecting the University's computing and information resources/data by complying with information-related laws, regulations, policies and security best practices. We are also concerned with the health of your computer and the protection of your sensitive information.
For your personal protection against malicious internet activity, we encourage you to review the information on this site, specifically the section entitled Do IT Wright, accessible from the menu on the left. You are the only one that can protect your finances, identity and personal data.
Theft of personal data can occur both at home and at the university workplace, since employees of the university work daily with protected or personal information. If two pieces of information can be put together to provide access to obtain personal documents, security measures must be in place to protect that information. Paying close attention to the information on this website can provide you with valuable insight on how to protect both your information and the university's sensitive data.
The CaTS Help Desk is here to help. If you have questions or concerns about information technology security, please see the Contact Us page.
Security Updates
Internet Explorer Security Vulnerability
Thursday, May 1, 2014
Recently, Microsoft announced a security vulnerability that affects Internet Explorer versions 6 through 11. This vulnerability allows an attacker to use Adobe Flash content on a website to install malicious code onto your computer.
As of 1:00pm today, Microsoft has issued a security update for this issue. This update will be available for all versions 6-11 of Internet Explorer, and will be provided for users of Windows 7, Windows 8, and Windows XP, even though Microsoft no longer officially supports XP.
If your computer is connected to the WSU network and your system is setup to receive updates automatically from us, then this security fix will install automatically for you. If you are not connected to WSU’s update server, or if you are using your home computer, you should check your Windows Update setup to make sure it is downloading updates automatically.
If you would like assistance with Windows Update on your computer, feel free to contact the CaTS Help Desk at (937) 775-4827.
For more information about this issue, visit the following website:
http://krebsonsecurity.com/2014/05/microsoft-issues-fix-for-ie-zero-day-...
This list is maintained by Computing and Telecommunications Services.
Attention Users of Cisco AnyConnect VPN App on iOS Devices
Friday, April 18, 2014
Important: This message only applies to individuals who are using the Cisco AnyConnect VPN app on iOS devices (iPhones, iPads, and iPods).
CaTS recently learned that the Cisco AnyConnect VPN app for iOS devices was vulnerable to the Heartbleed bug that affects OpenSSL connections on the Internet. Because of this, Cisco released an update to the app, which is now available through the App store. This update fixes the vulnerability to the Heartbleed bug.
CaTS recommends that you update your AnyConnect VPN app through the Apple app store. The Android version of the app, along with the AnyConnect VPN client for Windows, are not affected by this vulnerability and do not need to be updated.
If you have any questions regarding this update, please contact the CaTS Help Desk at (937) 775-4827, or send an email to helpdesk@wright.edu.
This list is maintained by Computing and Telecommunications Services.
CaTS Security Alert: Heartbleed Bug
Wednesday, April 9, 2014
Many of you may have heard recently about a security vulnerability affecting secure data transmission on the Internet. This bug, deemed the Heartbleed Bug, affects OpenSSL, the open-source encryption standard used by most websites.
On Monday, April 8, CaTS began a review of the OpenSSL deployment for all CaTS-managed servers. The initial results indicate our servers are not affected by this vulnerability. However, we will be performing a thorough scan of all CaTS-managed servers to ensure no systems have been overlooked.
Although CaTS is looking at web servers owned by the university, the Heartbleed bug has affected many other websites, and your secure information could be compromised. For a general overview of this bug and the steps you should take to secure your information, see the following
website:
http://www.businessinsider.com/heartbleed-bug-explainer-2014-4
If you have questions or concerns about this vulnerability please contact the Help Desk at (937) 775-4827.
This list is maintained by Computing and Telecommunications Services.
