Instructional & Research Information Systems
by IRIS Staff
Nov. 15 2005 from 0600-0630, core router inr-202 will be reloaded to upgrade the software running on it. This is necessary for two reasons:
There will not be any prolonged outage, because this router is redundant with another, inr-201. However, there may be a brief disruption while routing converges.
by IRIS Staff
********************************************************************
Title: Microsoft Security Bulletin Summary for November 2005
Issued: November 8, 2005
Version Number: 1.0
Bulletin: http://go.microsoft.com/fwlink/?LinkId=56129
********************************************************************
Security patches defined by Microsoft as “critical” or “important”
MUST be applied within 10 business days of notification. Should there
be active exploits, the time will be adjusted and users will be
informed appropriately. Hosts unpatched after the defined time are
subject to scanning and removal from the EECS network as per campus
IT security policies (http://socrates.berkeley.edu:2002/MinStds/).
Patching is sometimes dependent on the service pack level of the
Microsoft OS, and installed applications, please read requirements
carefully.
Critical Security Bulletins
===========================
MS05-053 – Vulnerabilities in Graphics Rendering Engine Could Allow
Code Execution (896424)
Impact: Remote Code Execution
Affected Software:
– Windows 2000 Service Pack 4
– Windows XP Service Pack 1
– Windows XP Service Pack 2
– Windows XP 64-Bit Edition Version 2003 (Itanium)
– Windows XP Professional x64 Edition
– Windows Server 2003
– Windows Server 2003 for Itanium-based Systems
– Windows Server 2003 with SP1 for Itanium-based Systems
– Windows Server 2003 x64 Edition
by IRIS Staff
We are very pleased to announce that a second EECS computing/networking helpdesk is now officially established in Soda hall, room 313. The Soda Hall helpdesk will be open daily from 9 am to 5pm, and our onsite consultants will do their best to resolve all your computing and networking inquiries or facilitate other requests. You can also reach them via email (help@eecs) or phone (2-7777). Software will be available for checkout from the Soda Hall helpdesk as well.
The Cory Hall helpdesk (395 Cory) will continue to be in operation.
Please come to say hello to our helpdesk consultants when you get a chance. And if you have comments or suggestions, please let us know.
by IRIS Staff
Microsoft will release their patches for the month on Tuesday, November 8, 2005. HERMES, PRINT, RIS and WINSWW will be down for patching the following Wednesday, November 9, 2005, from 3:00 – 5:00pm.
macserver.eecs.berkeley.edu, which hosts the Mac software warehouse, will be down for maintenance at this time as well.
by IRIS Staff
The Oct. 11 townhall meeting was successful, thanks to those attended. A summary of the meeting is now attached. Since some of the target dates can slide, we will be sending out announcements when they are ready. Please also share this info with those that did not make to the meeting.
Attachment: EECS-townhall-101105.pdf
The Department’s web server was experiencing some trouble communicating with the Oracle Calendar server, and was restarted several times today between 3pm and 5pm. Users may have noticed the web server was occasionally unresponsive during this period.
We believe it is stable for now. We will be making some configuration changes in the next few days to isolate the main server from the Oracle calendar processes to prevent such interruptions in the future.
We apologize for any inconvenience.
Oracle has just released their quarterly patch update, which contains fixes for some “critical” vulnerabilities. We will be taking our Oracle installation down on Thursday, Oct 20 at 5:30pm for patching. This is a very large patch and could take several hours to install, so I am scheduling 4.5 hours of downtime. I am hoping it will not take that long, but please do not plan on having access to the network database before 10pm Thursday.
This will affect all forms that are normally available on the IRIS network page.
Please send any questions to IMG.
-Rob
by IRIS Staff
This coming Wednesday, 19 October 2005, from 6:00am to 8:00am, CNS will
be upgrading inr-201, one of two core routers in the campus network.
The other core router is inr-202. Inr-201 and inr-202 are
redundant routers, so the majority of campus network service will not be affected. However, the campus VPN service and EECS VPN service are attached to inr-201 only and will be out of service during the maintenance.
Note: This maintenance will not affect the VPN serving the OPTRS application.
by IRIS Staff
The old print server will be going down for good on the morning of Monday, October 23rd. If you have print queues on your client pointing to PRINT2 instead of PRINT, you will notice the change. Please make sure all your print queues are pointing to print.
by IRIS Staff
********************************************************************
Title: Microsoft Security Bulletin Summary for October 2005
Issued: October 11, 2005
Version Number: 1.0
Bulletin: http://go.microsoft.com/fwlink/?LinkId=54789
********************************************************************
Security patches defined by Microsoft as “critical” or “important”
MUST be applied within 10 business days of notification. Should there
be active exploits, the time will be adjusted and users will be
informed appropriately. Hosts unpatched after the defined time are
subject to scanning and removal from the EECS network as per campus
IT security policies (http://socrates.berkeley.edu:2002/MinStds/).
Patching is sometimes dependent on the service pack level of the
Microsoft OS, and installed applications, please read requirements
carefully.
Critical Security Bulletins
===========================
MS05-050 – Vulnerability in DirectShow Could Allow Remote Code
Execution (904706)
Impact: Remote Code Execution
Affected Software:
MS05-051 – Vulnerabilities in MSDTC and COM+ Could Allow Remote
Code Execution (902400)
Impact: Remote Code Execution
Affected Software:
MS05-052 – Cumulative Security Update for Internet Explorer (896688)
Impact: Remote Code Execution
Affected Software:
Windows 2000 Service Pack 4
Important Security Bulletins
============================
MS05-046 – Vulnerability in the Client Services for Netware Could
Allow Remote Code Execution (899589)
Impact: Remote Code Execution
Affected Software:
MS05-047 – Vulnerability in Plug and Play Could Allow Remote Code
Execution and Local Elevation of Privilege (905749)
Impact: Remote Code Execution
Affected Software:
MS05-048 – Vulnerability in the Microsoft Collaboration Objects
Could Allow Remote Code Execution (907245)
Impact: Remote Code Execution
Affected Software:
2000 Post-Service Pack 3 Update Rollup of August 2004
MS05-049 – Vulnerabilities in Windows Shell Could Allow Remote Code
Execution (900725)
Impact: Remote Code Execution
Affected Software:
Moderate Security Bulletins
===========================
MS05-044 – Vulnerability in the Windows FTP Client Could Allow File
Transfer Location and Tampering (905495)
Impact: Remote Code Execution
Affected Software:
MS05-045 – Vulnerability in Network Connection Manager Could Allow
Denial of Service (905414)
Impact: Remote Code Execution
Affected Software:
[Read more…] about Microsoft Releases Security Patches for the Month