IRIS

Microsoft has released security patches as of May 10th 2005. See
http://www.microsoft.com/technet/security/bulletin/ms05-may.mspx for complete bulletin.

Security patches defined by Microsoft as “critical” or “important” MUST be applied within 5 business days of notification. Should there be active exploits, the time will be adjusted and users will be informed appropriately. Hosts unpatched after the defined time are subject to scanning and removal from the EECS network as per campus IT security policies (http://socrates.berkeley.edu:2002/MinStds/).

Patching is sometimes dependent on the service pack level of the Microsoft OS, and installed applications, please read requirements carefully.

Critical Security Bulletins

---

Microsoft Security Bulletin MS05-024
Vulnerability in Web View Could Allow Remote Code Execution (894320)
– Impact: Remote Code Execution
– A Proof of Concept exploit has been published.
Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
[Read more…] about Microsoft Security Bulletin Summary for May 2005

There will be an emergency network downtime. We will replace network hardware for soda 5a switch on Wed morning May 11, 2005. There will be brief network outages from 7:30AM to 8AM.

This will affect users who use wired connection on the 5th floor. Since
our wireless network feeds into our switched infrastructure at several
locations in Soda, there will also be a couple of brief outages to the
wireless network from floors 5-7 as well.

[Read more…] about Soda 5A Switch Downtime, May 11 and 17

Microsoft will release their patches for the month on May 10th. HERMES,PRINT, RIS and WINSWW will be down for patching Wednesday, May 11th from 3:00 – 5:00pm.

This web site (https://iris.eecs.berkeley.edu) will be down Sunday, May 1 from 10pm to 12 midnight for routine maintenance.

During this time, all services provided by iris.eecs.berkeley.edu will be unavailable. Note that this includes the main IRIS web site, the EECS network database, and the IRIS purchasing database.

Please send comments to img@eecs.

Hi folks –

This mail is to remind you that starting Sunday, the campus reserves the right to terminate network access without notice, for systems which do not meet the campus minimum security standards for networked devices.

Although EECS has made good progress towards meeting the standards, there are still many many systems on our networks which are not up to code. We are continuing to work with you to fix the existing problems, and are actively developing tools to assist you in assessing the state of your systems.

Aspects of the standards which are most likely to cause problems in EECS include:

* Windows and Apple systems must run antivirus software.

* All mail servers must scan mail for virus laden attachments.

* Most hosts, including Windows 2000 Professional, XP, MacOSX, and all unix systems, must run personal firewall software.

* All services must be authenticated, and no unencrypted authentication mechanisms are allowed. Services such as telnet and non-anonymous FTP need to be turned off. All unnecessary services must be disabled.

* Systems must be fully patched. Systems must not run software or operating systems which are not actively supported by the developer. A partial list of operating systems no longer allowed on campus networks includes:

Windows NT4 and earlier
Windows 98, first edition and earlier
RedHat Linux 9.x and earlier (must upgrade to Fedora or enterprise edition)
Solaris 7 and earlier, unless you have an active “Vintage Support” contract with Sun
SGI IRIX before 6.5.27
HP-UX 10.30 and earlier
Ultrix
OSF
AIX 4.3.3 and earlier
MacOS 9 and earlier (must upgrade to OSX)

Systems running these operating systems *may* be disconnected from the network without notice starting Monday (see below).

The full set of standards is online here:

http://socrates.berkeley.edu:2002/MinStds/AppA.min.htm

The overall campus security policy (including implementation guidelines and mechanisms for requesting exceptions to the standards) is here:

http://socrates.berkeley.edu:2002/MinStds/

Although we do not anticipate that there will be a mass disconnection of noncompliant systems on Monday, recent security incidents elsewhere on campus have *significantly* increased the likelihood that this will happen in the not-so-far future. We *strongly* urge all members of the department who are responsible for computing resources (there are about a thousand of you) to make sure that those systems are compliant with the minimum standards in order to avoid inconvenience.

Please send questions or concerns directly to me.

Thanks, folks.

–alex

The EECS RIS server is back in production. Currently the only image
being offered is Window XP SP2.

Our domain requires NTLMv2 or better for authentication. With that level
of security, Server 2003 RIS services can not install a Windows 2000
image. Microsoft is aware of the problem and working on a soulution. A
Windows 2000 image will be made available as soon as possible.

Thank you for your patience through this down time.

PRINT and WINSWW will be rebooted and unavailable for 15 minutes on Friday, April 29th from 5:00PM to 5:15PM.

We will replace a new switch on Soda 5th floor on Thursday morning April 28, 2005. There will be brief network outages from 7AM to 8AM. This will affect users who use wired connection on the 5th floor. Since our wireless network feeds into our switched infrastructure at several locations in Soda, there will also be a couple of brief outages to the wireless network from floors 5-7 as well. I regret any inconvenience this may cause.

Please make your plans accordingly.

The IRIS general UNIX login server argus.EECS.Berkeley.EDU
is scheduled for routine maintenance on Wednesday, April 20th and will be shutdown and rebooted at 5:00pm.

We expect argus will be off-line for less than 10 minutes.

Please make your plans accordingly.

Microsoft has released security patches as of April 12th, 2005. See http://www.microsoft.com/technet/security/bulletin/ms05-apr.mspx for complete bulletin.

Security patches defined by Microsoft as “critical” or “important” MUST be applied within 5 business days of notification. Should there be active exploits, the time will be adjusted and users will be informed appropriately. Hosts unpatched after the defined time are subject to scanning and removal from the EECS network as per campus IT security policies (http://socrates.berkeley.edu:2002/MinStds/).

Patching is sometimes dependent on the service pack level of the Microsoft OS, and installed applications, please read requirements carefully.

Critical Security Bulletins

---

Microsoft Security Bulletin MS05-019
Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066)
– Impact: Remote Code Execution
– No active exploit as of 04/14/05.
Microsoft Windows 2000 Service Pack 3 and 4
Microsoft Windows XP Service Pack 1 and 2
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems

Microsoft Security Bulletin MS05-020
Cumulative Security Update for Internet Explorer (890923)
– Impact: Remote Code Execution
– No active exploit as of 04/14/05.
Microsoft Windows 2000 Service Pack 3 and 4
Microsoft Windows XP Service Pack 1 and 2
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems

Microsoft Security Bulletin MS05-021
Vulnerability in Exchange Server Could Allow Remote Code Execution (894549)
– Impact: Remote Code Execution
– No active exploit as of 04/14/05.
Microsoft Exchange 2000 Server Service Pack 3
Microsoft Exchange Server 2003
Microsoft Exchange Server 2003 Service Pack 1

Microsoft Security Bulletin MS05-022
Vulnerability in MSN Messenger Could Lead to Remote Code Execution (896597)
– Impact: Remote Code Execution
– No active exploit as of 04/14/05.
MSN Messenger 6.2

Microsoft Security Bulletin MS05-023
Vulnerabilities in Microsoft Word May Lead to Remote Code Execution (890169)
– Impact: Remote Code Execution
– No active exploit as of 04/14/05.
Microsoft Word 2000
Microsoft Works Suite 2001
Microsoft Word 2002
Microsoft Works Suite 2002
Microsoft Works Suite 2003
Microsoft Works Suite 2004
Microsoft Office Word 2003
[Read more…] about Microsoft Security Bulletin Summary for April 2005