UB Computer Security Information for Personal Computer Users

Critical Alerts
& Advisories

• University at Buffalo Emergency Web Site

• Microsoft Security Bulletin for June 2008

• Apple Security Updates Through June 2008

• Security Updates for Adobe Reader and Acrobat 8 - February, 2008

• Mozilla/Firefox browser: Download Latest Version

• Windows Vista Security Features
• Microsoft Windows Vista: When Should I Upgrade?
• Microsoft Windows Vista Web Site
• Microsoft Web: Security Enhancements in Windows Vista

• Upgrade to Adobe Reader 8.0 to protect your computer from cross-site scripting flaw in previous versions

• US-CERT: Risks of Peer-to-Peer File Sharing Technology

• Latest Threats & Advisories (Symantec)

• Latest Vulnerabilities & Alerts (US-Cert)

• Are hackers using your PC to spew spam & steal? (USA Today)

• SANS OUCH! Archive - Monthly Security Awareness Alert for End Users

Important Links
• UB IT Policies

• Find your support provider

• Symantec Virus & Worm Removal Tools

• Microsoft: Protect Your PC Steps

• Mac Security: SecureMac.com site

• Symantec Security Check

• Glossary of Security Terms (WhatIs.com)

Did you know?
You can use a public computer more securely if you follow these 5 safety tips. (Microsoft)

Also: Follow the links for protecting your laptop on the road and using public wireless networks more securely.

Yo
ur role in keeping your computers secure

Your situation	Your role
Managed Workstation Configuration, installations, and updates are done for you, usually automatically over the network. Many work computers fall into this category.	Do not change anything without explicit permission from your IT support staff. Someone else is taking care of security management for you. Don't be fooled into helping attackers: follow the best practices in step 4 on this page.
Supported Workstation An IT support person works with you to perform installs & updates on the computer. Many work computers fall into this category.	Talk to your IT support staff about what is being done for you and what steps you need to take yourself. Don't be fooled into helping attackers: follow the best practices in step 4 on this page.
Do-It-Yourself You have no assigned IT support person for this computer. You will need to keep your computer secure yourself. Most home computers and many laptops fall into this category.	Follow all 4 Steps of Computer Management on this page. Click on the links to get step-by-step instructions. Use the Tech Tools CD or Tech Tools software download site to get antivirus software for your computer free-of-charge.
* Adapted, with permission, from the University of Washington, Every Computer Needs Management Web page and security campaign: http://www.washington.edu/computing/security. Many thanks to Rick Ells from Computing & Communications, University of Washington.

1. Before connecting a new (or used) computer to any network or the Internet for the first time...
• Apply any critical operating system (OS) updates from CD or other media
— Burn a CD with the updates.
— Get OS Updates: Mac Windows UBLinux
— Burning a CD in UB's Public Computing Areas
• Install Symantec antivirus software from the Tech Tools CD and scan & clean your system: Mac, Windows
• Reset any default passwords: Choosing a good/strong password
• Turn off file sharing: Mac Windows
• Ask your IT support person about turning on a firewall: MacOS X Win XP

2. Establish a security routine
• Automate your operating system updates
Mac Windows
• Automate your antivirus updates Mac Windows
• Perform other software updates regularly Mac Windows Linux
• Ask your IT support staff about turning on a firewall MacOS X Win XP
• Regularly run an anti-spyware program such as AdAware for Windows
Recognizing and Avoiding Spyware
• Don't use administrator accounts to do your work

3. Be ready for infections & system failures
• Backup your files regularly: Using removable media, Windows: Using UBFS space and Web Folders
• Be prepared in case you have to rebuild your system
— Keep your installation CDs for the operating system and other software handy
— Have a plan for getting system updates on CD or other media.
• In case of infection:
—Update your antivirus software before scanning Mac doc Windows doc
— Use Symantec Antivirus to scan, then reboot, repeating scan/reboot until system is cleaned: Recover from a Virus Attack
— You may have to reformat and rebuild your system Windows
• Upgrade to supported operating systems: Microsoft LifeCycle List, Macintosh: Support for Older Operating Systems

4. Don't be fooled into helping attackers
• Do not share your password with anyone; choose a good password
• Do not open unexpected attachments: the best practice is to scan all attachments with antivirus software before opening
• Do not download unknown programs from the Web
• Do not trade unknown files with peer-to-peer programs such as Kazaa; Turn off file sharing in peer-to-peer software
• Do not believe amazing offers and unlikely stories and beware of phishing scams
• 5 Safety Tips for Using a Public Computer (Microsoft)

Last Updated 9/14/04
Questions or comments about this site should be sent to: the it-web group, University at Buffalo For IT help, please contact your local IT Support Provider.
Copyright 2004, University at Buffalo. All rights reserved.