UB Computer Security Information for Personal Computer Users

Critical Alerts
& Advisories

• Current Email Phishing Attempts Targeting UB Community

• Microsoft Security Bulletin for June 2009

• Apple Security Updates Through June 2009 (Includes Apple QuickTime Player Updates)

• Flaws in Adobe Reader Leave Computers Vulnerable: Disable JavaScript Follow the link to learn how to do this.

• Alert: Updates are now available for Adobe Reader 9 and Acrobat 9 to address critical vulnerability

• Symantec Endpoint Protection Antivirus for Windows Upgrade available to Faculty, Staff, Students

• University at Buffalo Emergency Web Site

• Learn how to recognize phishing scams by playing CMU's Anti-Phishing Phil

• USB Device Nightmare Becomes Reality (Campus Technology)

• Mozilla/Firefox browser: Download Latest Version

• US-CERT: Risks of Peer-to-Peer File Sharing Technology

• Latest Threats & Advisories (Symantec)

• Latest Vulnerabilities & Alerts (US-Cert)

• Are hackers using your PC to spew spam & steal? (USA Today)

• SANS OUCH! Archive - Monthly Security Awareness Alert for End Users

Important Links
• UB IT Policies

• Symantec Virus & Worm Removal Tools

• Microsoft: Protect Your PC Steps

• Mac Security: SecureMac.com site

• Symantec Security Check

• Glossary of Security Terms (WhatIs.com)

Did you know?
You can use a public computer more securely if you follow these 5 safety tips. (Microsoft)

Also: Follow the links for protecting your laptop on the road and using public wireless networks more securely.

Yo
ur role in keeping your computers secure

Your situation	Your role
Managed Workstation Configuration, installations, and updates are done for you, usually automatically over the network. Many work computers fall into this category.	Do not change anything without explicit permission from your IT support staff. Someone else is taking care of security management for you. Don't be fooled into helping attackers: follow the best practices in step 4 on this page.
Supported Workstation An IT support person works with you to perform installs & updates on the computer. Many work computers fall into this category.	Talk to your IT support staff about what is being done for you and what steps you need to take yourself. Don't be fooled into helping attackers: follow the best practices in step 4 on this page.
Do-It-Yourself You have no assigned IT support person for this computer. You will need to keep your computer secure yourself. Most home computers and many laptops fall into this category.	Follow all 4 Steps of Computer Management on this page. Click on the links to get step-by-step instructions. Use the UBIT software download site to get antivirus software for your computer free-of-charge.
* Adapted, with permission, from the University of Washington, Every Computer Needs Management Web page and security campaign: http://www.washington.edu/computing/security. Many thanks to Rick Ells from Computing & Communications, University of Washington.

1. Before connecting a new (or used) computer to any network or the Internet for the first time...
• Apply any critical operating system (OS) updates from CD or other media
— Burn a CD with the updates or copy them to a USB device
— Get OS Updates: Mac Windows UBLinux
— Burning a CD in UB's Public Computing Areas
• Install antivirus software from the UBIT software site and scan & clean your system.
• Reset any default passwords: Choosing a good/strong password
• Turn off file and print sharing
• Ask your IT support person about turning on a firewall: MacOS X Windows

2. Establish a security routine
• Automate your operating system updates
Mac Windows
• Automate your antivirus updates Mac Windows
• Perform other software updates regularly Mac Windows
• Ask your IT support staff about turning on a firewall MacOS X Windows
• Regularly run an anti-spyware program
Recognizing and Avoiding Spyware
• Don't use administrator accounts to do your work

3. Be ready for infections & system failures
• Backup your files regularly: Using removable media, Windows: Using UBFS space and Web Folders
• Be prepared in case you have to rebuild your system
— Keep your installation CDs for the operating system and other software handy
— Have a plan for getting system updates on CD or other media.
• In case of infection:
—Update your antivirus software before scanning Mac doc Windows doc
— Use Antivirus software to scan, then reboot, repeating scan/reboot until system is cleaned
How to Recover from a Virus Attack
— You may have to reformat and rebuild your system
• Upgrade to supported operating systems: Microsoft LifeCycle List, Macintosh: Support for Older Operating Systems

4. Don't be fooled into helping attackers
• Do not share your password with anyone; choose a good password
• Do not open unexpected attachments: the best practice is to scan all attachments with antivirus software before opening
• Do not download unknown programs from the Web
• Do not trade unknown files with peer-to-peer programs . Turn off file sharing in peer-to-peer software
• Do not believe amazing offers and unlikely stories and beware of phishing scams
• 5 Safety Tips for Using a Public Computer (Microsoft)

Last Updated 9/14/04
Questions or comments about this site should be sent to: the it-web group, University at Buffalo For IT help, please contact The CIT Help Desk or your local IT Support Provider.
Copyright 2004, University at Buffalo. All rights reserved.