» Home     » How To…   » Site Map   » Contact Us 
 Computing Facilities    links to the SCS and CMU home pages Carnegie Mellon School of Computer Science Carnegie Mellon University
 
Advanced search tips 
Your location: Home > News archives > Critical Security Vulnerabilities Released - April 2005
 Documentation
 » Introduction to Facilities 
 » Accounts & passwords 
 » AFS 
 » Application software 
 » AV help 
 » Backups & restores 
 » Calendaring 
 » E-mail 
 » Networking 
 » Printing 
 » Purchasing 
 » Resource management 
 » Security 
 » Software licensing 
 » Support charges 
 » Web publishing 
 » Your health 
 » Mac support 
 » Linux support 
 » Windows PC support 

This announcement is to inform the SCS Community of two major security vulnerabilities that have been recently announced:

Microsoft Windows Operating Systems (2000, XP, 2003 Server)

Microsoft recently released critical security updates for April. SCS Facilities is in the process of deploying these updates automatically via our local Windows Update Server, but the vulnerabilities are serious enough that we encourage everyone to run Windows Update (or click on the update icon in the task bar) as soon as possible and install all available updates. After you install the updates, an additional visit to the Windows Update site, http://windowsupdate.microsoft.com, will assure that all updates have been successfully applied.

Please note that there is no need to install Windows XP Service Pack 2 in order to have these updates applied as we are currently in the process of rolling out Service Pack 2 in a controlled fashion in order to minimize compatibility issues.

For the details about these updates go to http://www.microsoft.com/security/bulletins/200504_windows.mspx

Mozilla Suite and Firefox

We have also received notification of Mozilla Suite and Firefox vulnerabilities which may be exploited by malicious Websites to execute arbitrary commands or conduct Cross Site Scripting attacks.

To update Mozilla Suite and/or Firefox please visit: http://www.mozilla.org/download.htm

For technical details on these vulnerabilities please visit: http://www.frsirt.com/english/advisories/2005/0361

If you have any questions or concerns, please contact help+@cs.cmu.edu or call the SCS Help Desk at x8-4231. 

Thank you for your attention.

 SCS Help Desk




 This site is maintained by SCS Computing Facilities; send comments to help@cs.cmu.edu.
 Accessibility information  © Carnegie Mellon School of Computer Science