coeus/project will be down at 5pm on Wednesday, September 14th for an
upgrade. The downtime is expected to last no more than 15 minutes.
News
Microsoft Security Patch for Plug and Play
As noted in
https://iris.eecs.berkeley.edu/news/2005/0811-Microsoft_security_p-363.shtml,
Microsoft security patches for August 2005 were released on Aug 9, 2005.
The critical Vulnerability in Plug and Play as listed in Microsoft Security Bulletin MS05-039 has become a vector for active exploits and administrative compromise of Windows systems.
There are active exploits in the wild.
Because of this, it is now assumed that any system that has not been patched for the Vulnerability in Plug and Play as listed in Microsoft Security Bulletin MS05-039 is compromised.
Both security@EECS.Berkeley.EDU and security@Berkeley.EDU are actively scanning the network for systems that are not patched for MS05-039.
Effective Today 8/22/05. it is now assumed that any Windows 2000 (Home, Professional, or Server) system that has not been patched for the Vulnerability in Plug and Play as listed in Microsoft Security Bulletin MS05-039 is compromised.
If these scans show any Windows system that is not patched, support for the system will be suspended.
If the system is Windows 2000 (Home, Professional, or Server), it will be required to be re-built from secure media prior to resumption of support.
All other Windows systems will be required to install the patch prior to resumption of support.
[Read more…] about Microsoft Security Patch for Plug and Play
Unscheduled Resolved Outage DoeCEV
UNSCHED RESOLVED OUTAGE DoeCEV 12 August 2005: 11:48 – 14:17PDT
Equipment: inr-000/packetshaper/ISP link
Location: DoeCEV
Date: 12 August 2005: Start: 11:48 End: 14:17PDT
Description:
Shortly before noon, a UPS in the DoeCEV failed. The failed UPS had supplied
power to (among other things) a media converter chassis which sat in the path
between inr-201 (a core router) and inr-000 (one of our border routers).
Routing within campus converged to utilize alternate paths as expected; however,
inr-000, which was isolated from the rest of campus, continued to announce
campus connectivity upstream.
These announcements attracted some return ISP traffic, and caused loss of
connectivity to some off campus sites.
Shortly after 2pm, power to the fiber media converter was restored, and all
traffic to/from campus along the commodity ISP path began flowing normally
once again.
– Christopher
Unscheduled Outage DoeCEV – Ongoing
Equipment: inr-000/packetshaper/ISP link
Location: DoeCEV
Date: 12 August 2005: Start: 11:48PDT End: ongoing
Description:
At approximately 11:48PDT this morning, one of our core routers lost connectivity to
the the ratelimiting device which connects it to one of our border ISP links.
ISP traffic converged to the other ISP link, however, one or more misbehaving hosts were
consuming a great deal of available bandwidth and caused packet loss/delay on the other
ISP link.
We have blocked one of the misbehaving hosts for operational issues, and are investigating
the loss of connectivity to the other ISP link and packetshaper.
Microsoft security patches for August 9th, 2005
Microsoft has released security patches as of August 9th, 2005.
Bulletin: http://go.microsoft.com/fwlink/?LinkId=51160
Security patches defined by Microsoft as “critical” or “important” MUST be applied within 5 business days of notification. Should there be active exploits, the time will be adjusted and users will be informed appropriately. Hosts unpatched after the defined time are subject to scanning and removal from the EECS network as per campus IT security policies (http://socrates.berkeley.edu:2002/MinStds/).
Patching is sometimes dependent on the service pack level of the Microsoft OS, and installed applications, please read requirements carefully.
Critical Security Bulletins
===========================
Microsoft Security Bulletin MS05-038
Cumulative Security Update for Internet Explorer (896727) – Impact: Remote Code Execution – US-CERT currently is not aware of any exploits for this vulnerability.
Affected Software:
Windows 2000 Service Pack 4
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows XP Professional x64 Edition
Windows Server 2003
Windows Server 2003 Service Pack 1
Windows Server 2003 for Itanium-based Systems
Windows Server 2003 with SP1 for Itanium-based Systems
Windows Server 2003 x64 Edition
Microsoft Security Bulletin MS05-039
Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588) – Impact: Remote Code Execution – US-CERT currently is not aware of any exploits for this vulnerability.
Affected Software:
Windows 2000 Service Pack 4
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows XP Professional x64 Edition
Windows Server 2003
Windows Server 2003 Service Pack 1
Windows Server 2003 for Itanium-based Systems
Windows Server 2003 with SP1 for Itanium-based Systems
Windows Server 2003 x64 Edition
Microsoft Security Bulletin MS05-043
Vulnerability in Print Spooler Service Could Allow Remote Code Execution (896423) – Impact: Remote Code Execution – US-CERT currently is not aware of any exploits for this vulnerability.
Affected Software:
Windows 2000 Service Pack 4
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows Server 2003
Windows Server 2003 for Itanium-based Systems
Important Security Bulletins
============================
Microsoft Security Bulletin MS05-040
Vulnerability in Telephony Service Could Allow Remote Code Execution (893756) – Impact: Remote Code Execution – US-CERT currently is not aware of any exploits for this vulnerability.
Affected Software:
Windows 2000 Service Pack 4
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows XP Professional x64 Edition
Windows Server 2003
Windows Server 2003 Service Pack 1
Windows Server 2003 for Itanium-based Systems
Windows Server 2003 with SP1 for Itanium-based Systems
Windows Server 2003 x64 Edition
Moderate Security Bulletins
===========================
Microsoft Security Bulletin MS05-041
Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591) – Impact: Remote Code Execution – US-CERT currently is not aware of any exploits for this vulnerability.
Affected Software:
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows XP Professional x64 Edition
Windows Server 2003
Windows Server 2003 Service Pack 1
Windows Server 2003 for Itanium-based Systems
Windows Server 2003 with SP1 for Itanium-based Systems
Windows Server 2003 x64 Edition
Microsoft Security Bulletin MS05-042
Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587) – Impact: Remote Code Execution – US-CERT currently is not aware of any exploits for this vulnerability.
Affected Software:
Windows 2000 Service Pack 4
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows XP Professional x64 Edition
Windows Server 2003
Windows Server 2003 Service Pack 1
Windows Server 2003 for Itanium-based Systems
Windows Server 2003 with SP1 for Itanium-based Systems
Windows Server 2003 x64 Edition
5th Floor Cory Network Outages
We will be changing out some major network hardware on the 5th floor of Cory Hall. This should only take about half an hour, but for safety’s sake we will schedule a 2 hour maintenance window from 0630 to 0830 AM. This will take place either this Thursday(11AUG05) or Friday(12AUG05) depending on when we get the parts. This will knock out most of the South and West side of the 5th Floor, along with the wireless covering that area. Some servers may be down which cover larger areas. This is being done proactively to avoid a major meltdown. Thank you for your patience.
[Read more…] about 5th Floor Cory Network Outages
Switch Maintenance
Due to some potential problems with one of the switches servicing the 5th floor of Cory, we will possibly be doing some work on it either tomorrow (Friday) or Monday morning from 07:30 to 08:30. Actual outage may only be for a few minutes.
This should only be noticed by people on the 5th floor of Cory, however, since this may be experienced by servers on the 5th floor, the outage may be felt elsewhere.
Bruce
HERMES, PRINT, RIS, AND WINSWW Downtime
Microsoft will release their patches for the month on August 9th, 2005. HERMES, PRINT, RIS and WINSWW will be down for patching the following Wednesday, August 10th, from 3:00 – 5:00pm.
Campus-wide Scheduled Maintenance
There will be a campus-wide scheduled maintenance on Saturday, July 16, 2005 8:00am – 12:00pm
Communications and Network Services (CNS) will be upgrading and moving inr-202, one of two core routers in the campus network. The other core router is inr-201; since inr-201 and inr-202 are redundant, there should not be any major disruption to campus network connectivity. There will likely be minor interruptions when the inr-202 is powered down shortly after 8:00am.
This work may involve downtime on one of EECS’s links to the campus backbone.
Microsoft Security Bulletin Summary for July
Microsoft has released security patches as of July 12th, 2005.
http://www.microsoft.com/technet/security/bulletin/ms05-jul.mspx
Security patches defined by Microsoft as “critical” or “important” MUST be applied within 5 business days of notification.
Should there be active exploits, the time will be adjusted and users will be informed appropriately.
Hosts unpatched after the defined time are subject to scanning and removal from the EECS network as per campus IT security policies (http://socrates.berkeley.edu:2002/MinStds/).
Patching is sometimes dependent on the service pack level of the Microsoft OS, and installed applications, please read requirements carefully.
Microsoft Security Bulletin MS05-035
Vulnerability in Microsoft Word Could Allow Remote Code Execution (903672)
– Impact: Remote Code Execution – US-CERT currently is not aware of any exploits for this vulnerability.
Affected Software:
Microsoft Office 2000 Software Service Pack 3 Word 2000
Microsoft Office XP Software Service Pack 3 Word 2002
Microsoft Works Suites:
Microsoft Works Suite 2000
Microsoft Works Suite 2001
Microsoft Works Suite 2002
Microsoft Works Suite 2003
Microsoft Works Suite 2004
Microsoft Security Bulletin MS05-036
Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214)
– Impact: Remote Code Execution US-CERT currently is not aware of any exploits for this vulnerability.
Affected Software:
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
Microsoft Security Bulletin MS05-037
Vulnerability in JView Profiler Could Allow Remote Code Execution (903235)
– Impact: Remote Code Execution – US-CERT: A Proof of Concept exploit script has been published.
Affected software:
Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, or on Microsoft Windows XP Service Pack 1
Internet Explorer 6 for Microsoft Windows XP Service Pack 2
Internet Explorer 6 Service Pack 1 for Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Internet Explorer 6 for Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
Internet Explorer 6 for Microsoft Windows Server 2003 for Itanium-based Systems, Microsoft Windows Server 2003 with SP1 for Itanium-based Systems, Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium), Microsoft Windows Server 2003 x64 Edition, and Microsoft Windows XP Professional x64 Edition