News

You may have noticed problems during or immediately after the recent IMAP server upgrade. Some unanticipated migration problems occurred that may have caused some lost or delayed mail.

We currently believe that this is limited to mail that arrived between approximately 7am and 10am on Saturday, June 4. If you believe you’ve lost additional mail that arrived either before or after the morning of Saturday, June 4 or if you are still having issues related to the upgrade, please contact idsg@eecs.

We believe that all the problems have now been resolved and sincerely apologize for this inconvenience.

HERMES, the EECS Windows general login server is being configured with
quotas on Wednesday, June 29th.

The quota limit will be 500MB and will apply to C:\Documents and Settings\user.

This is the default users profile location and the only directory users can write to on HERMES.

When a user profile reaches 250MB a reminder will be sent to the user
that the profiles is approaching the 500MB limit.

When a user reaches the 500MB limit, no more data storage will be allowed. This is a fixed quota.

IDSG recommends users save files in their home directories and not on
the local C:\ drive of HERMES as HERMES is not being backed up.

In the event of data loss, no restoration effort will be made.

[Read more…] about HERMES Quota

Microsoft has released security patches as of Tuesday, June 14th 2005. The security bulletin is available at http://www.microsoft.com/technet/security/bulletin/ms05-jun.mspx

Security patches defined by Microsoft as “critical” or “important” MUST be applied within 5 business days of notification. Should there be active exploits, the time will be adjusted and users will be informed appropriately. Hosts unpatched after the defined time are subject to scanning and removal from the EECS network as per campus IT security policies http://socrates.berkeley.edu:2002/MinStds/.

Patching is sometimes dependent on the service pack level of the Microsoft OS, and installed applications, please read requirements carefully.

Critical Security Bulletins

---

Microsoft Security Bulletin MS05-025
– Cumulative Security Update for Internet Explorer (883939)
– Impact: Remote Code Execution
– US-CERT is not currently aware of any exploits for this vulnerability.
Originally posted: June 14, 2005
Updated: June 15, 2005
Version: 1.1
Affected software:
Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition

Microsoft Security Bulletin MS05-026
– Vulnerability in HTML Help Could Allow Remote Code Execution (896358)
– Impact: Remote Code Execution
– US-CERT is not currently aware of any exploits for this vulnerability.
Affected software:
Windows 2000 Service Pack 3
Windows 2000 Service Pack 4
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Windows XP 64-Bit Edition Version 2003 (Itanium)
Windows XP Professional x64 Edition
Windows Server 2003
Windows Server 2003 for Itanium-based Systems
Windows Server 2003 with SP1 for Itanium-based Systems
Windows Server 2003 x64 Edition

Microsoft Security Bulletin MS05-027
– Vulnerability in SMB Could Allow Remote Code Execution (896422)
– Impact: Remote Code Execution
– US-CERT is not currently aware of any exploits for this vulnerability.
Affected software:
Windows 2000 Service Pack 3
Windows 2000 Service Pack 4
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Windows XP 64-Bit Edition Version 2003 (Itanium)
Windows XP Professional x64 Edition
Windows Server 2003
Windows Server 2003 for Itanium-based Systems
Windows Server 2003 with SP1 for Itanium-based Systems
Windows Server 2003 x64 Edition

Important Security Bulletins

---

Microsoft Security Bulletin MS05-028
– Vulnerability in Web Client Service May Allow Elevation of Privilege (896426)
– Impact: Remote Code Execution
– US-CERT is not currently aware of any exploits for this vulnerability.
Affected software:
Windows XP Service Pack 1
Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Windows XP 64-Bit Edition Version 2003 (Itanium)
Windows Server 2003
Windows Server 2003 for Itanium-based Systems

Microsoft Security Bulletin MS05-029
– Vulnerability in Outlook Web Access for Exchange Server 5.5 Could Allow Cross-Site Scripting Attacks (895179)
– Impact: Remote Code Execution
– US-CERT is not currently aware of any exploits for this vulnerability.
Affected software:
Exchange Server 5.5 Service Pack 4

Microsoft Security Bulletin MS05-030
– Cumulative Security Update in Outlook Express (897715)
– Impact: Remote Code Execution
– US-CERT is not currently aware of any exploits for this vulnerability.
Affected Software:
Windows 2000 Service Pack 3
Windows 2000 Service Pack 4
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Windows XP 64-Bit Edition Version 2003 (Itanium)
Windows Server 2003
Windows Server 2003 for Itanium-based Systems

Microsoft Security Bulletin MS05-031
– Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (898458)
– Impact: Remote Code Execution
– US-CERT is not currently aware of any exploits for this vulnerability.
Originally posted: June 14, 2005
Updated: June 15, 2005
Version: 1.1
Affected Software:
Windows 2000 Service Pack 3
Windows 2000 Service Pack 4
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Windows XP 64-Bit Edition Version 2003 (Itanium)
Windows XP Professional x64 Edition
Windows Server 2003
Windows Server 2003 for Itanium-based Systems
Windows Server 2003 with SP1 for Itanium-based Systems
Windows Server 2003 x64 Edition

Moderate Security Bulletins

---

Microsoft Security Bulletin MS05-032
– Vulnerability in Microsoft Agent Could Allow Spoofing (890046)
– Impact: Spoofing
– US-CERT is not currently aware of any exploits for this vulnerability.
Affected Software:
Windows 2000 Service Pack 3
Windows 2000 Service Pack 4
Windows XP Service Pack 1
Windows XP Service Pack 2
Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Windows XP 64-Bit Edition Version 2003 (Itanium)
Windows XP Professional x64 Edition
Windows Server 2003
Windows Server 2003 for Itanium-based Systems
Windows Server 2003 with SP1 for Itanium-based Systems
Windows Server 2003 x64 Edition

Microsoft Security Bulletin MS05-033
– Vulnerability in Telnet Client Could Allow Information Disclosure (896428)
– Impact: Information Disclosure
– US-CERT is not currently aware of any exploits for this vulnerability.
Originally posted: June 14, 2005
Updated: June 15, 2005
Version: 1.1
Affected Software:
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
When running on Windows 2000:
Microsoft Windows Services for UNIX 3.5
Microsoft Windows Services for UNIX 3.0
Microsoft Windows Services for UNIX 2.2

Microsoft Security Bulletin MS05-034
– Cumulative Security Update for ISA Server 2000 (899753)
– Impact of Vulnerability: Elevation of Privilege
– US-CERT is not currently aware of any exploits for this vulnerability.
Affected Software:
Microsoft Internet Security and Acceleration (ISA) Server 2000 Service Pack 2
Microsoft Small Business Server 2000
Microsoft Small Business Server 2003 Premium Edition
[Read more…] about Microsoft Security Bulletin Summary for June

We're experiencing some delays in delivering email. No mail has been/is
lost. We've been working on trying to fix this. At this point things are a
bit better, but not quite there yet.



Vadim.

[Read more…] about email delays

Microsoft will release their patches for the month on June 14th, 2005.
HERMES, PRINT, RIS and WINSWW will be down for patching the following Wednesday, June 15th, from 3:00 – 5:00pm.

The switch in 165 Cory Machine room will be upgraded on Monday June 6 at 07:00 (AM).

Ports will be moved one at a time to avoid undue downtime. Typical outage should be less than 5 seconds.
Unless your operating system behaves badly with having your default MAC address changed, then you probably wont notice anything.

Once everyone is moved over, the main uplink fibers will be changed over.
This may or may not cause a glitch.
We don’t expect it to. Durring the switch over there may be a performance hit, since during this time the pipe will be reduced to 100MBS.
The overall mintenance window should only be 1 hour.

There will be network downtime for soda 7 floor switch Thursday, June 2nd, 2005 at 7:30 AM. The downtime is expected to last no more than 1 hour.
This will affect users who use wired connection on the 7th floor.
I regret any inconvenience this may cause. Please make your plans accordingly.

There will be an emergency network downtime. We will replace another
network hardware for soda 5a switch today May 25, 2005.

There will be brief network outages from 12:15PM to 12:45PM.

This will affect users who use wired connection on the 5th floor. Since our wireless network feeds into our switched infrastructure at several locations in Soda, there will also be a couple of brief outages to the wireless network from floors 5-7 as well.

I regret any inconvenience this may cause. Please make your plans
accordingly.

There will be an upcoming downtime for all wireless services in EECS
for this Thursday May 26th from 06:00-08:00 AM for a code upgrade. Please plan
accordingly.

There will be an emergency network downtime.

We will replace a network
hardware for soda 5a switch today May 24, 2005. There will be brief
network outages from 12:15PM to 12:45PM.

This will affect users who use wired connection on the 5th floor. Since
our wireless network feeds into our switched infrastructure at several
locations in Soda, there will also be a couple of brief outages to the
wireless network from floors 5-7 as well.

I regret any inconvenience this may cause. Please make your plans
accordingly.