• Skip to content
  • Skip to primary sidebar

UCI Information Security

Information Security at the University of California, Irvine

Archives for October 2014

Google now offering a physical key for 2-Step Verification

October 22, 2014 by Isaac Straley Leave a Comment

2-Step Verification offers a strong extra layer of protection for Google Accounts. Once enabled, you’re asked for a verification code from your phone in addition to your password, to prove that it’s really you signing in from an unfamiliar device. Hackers usually work from afar, so this second factor makes it much harder for a hacker who has your password to access your account, since they don’t have your phone.

Today we’re adding even stronger protection for particularly security-sensitive individuals. Security Key is a physical USB second factor that only works after verifying the login site is truly a Google website, not a fake site pretending to be Google. Rather than typing a code, just insert Security Key into your computer’s USB port and tap it when prompted in Chrome. When you sign into your Google Account using Chrome and Security Key, you can be sure that the cryptographic signature cannot be phished.

More: http://googleonlinesecurity.blogspot.com/2014/10/strengthening-2-step-verification-with.html

Share

Filed Under: News Tagged With: auth, authentication, multi-factor

Drupal Security Update

October 15, 2014 by Lee Knutson Leave a Comment

Drupal has released an update to fix a highly critical vulnerability in Drupal 7. Attackers can leverage a SQL injection attack for privilege escalation, allow arbitrary PHP code execution and other attacks.

For more information, see https://www.drupal.org/SA-CORE-2014-005

Share

Filed Under: Application Updates Tagged With: Drupal, Update

Oracle Java 8 Update 25 / Java 7 Update 71 Security Updates

October 15, 2014 by Lee Knutson Leave a Comment

Oracle has released a security update to Java that includes fixes for several security vulnerabilities. The updated versions are JDK/JRE 8 Update 25 and 7 Update 71. Updates are available for Java 7 and Java 8 on Windows, Solaris, Linux, and Mac OS. Be sure to update your Java installation(s) as soon as possible.

This release is available for both server and workstation installations of Java. Java can be updated via the included Java Updater or at http://java.com/en/download/index.jsp

Note that Oracle has indicated it will no longer be providing public updates to Java 7 after April 2015.

Continuing to use a vulnerable version of Java, especially in a browser, is a surefire way to end up with a compromised system.

For more information, see:
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA

Share

Filed Under: Application Updates Tagged With: Java, Linux, Mac OS, Update, Windows

Microsoft Security Bulletin Summary for October 2014

October 14, 2014 by Lee Knutson Leave a Comment

Today, Microsoft released 8 security bulletins, 3 of which have a maximum severity rating of Critical, and 5 of which have a maximum severity rating of Important.

Microsoft products affected include Windows, Office, .NET Framework, .ASP.NET, and Internet Explorer.

For specific versions and more information, see https://technet.microsoft.com/library/security/ms14-oct

Share

Filed Under: Operating System Updates Tagged With: Update, Windows

Next Page »

Primary Sidebar

Tags

Acrobat Acrobat Reader Adobe auth authentication breach Bruce Schneier CPU bug credit cards Critical Bug Data Breach Drupal Firefox Firmware Flash Google Intel iOS iTunes Java Joomla! KVM Linux Mac MacOS Mac OS Mac OS X Meltdown multi-factor Oracle Privacy QEMU QuickTime Rails Ruby Safari Solaris Spectre Thunderbird Update Updates Upgrade Windows WordPress Xen

Archives

  • April 2018
  • March 2018
  • January 2018
  • October 2017
  • August 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • October 2016
  • September 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • February 2016
  • January 2016
  • December 2015
  • November 2015
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • May 2015
  • April 2015
  • March 2015
  • February 2015
  • January 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • July 2014
  • June 2014
  • May 2014
  • April 2014
  • March 2014
  • February 2014
  • January 2014
  • December 2013
  • November 2013
  • October 2013
  • September 2013
  • August 2013
  • July 2013
  • June 2013
  • May 2013
  • April 2013
  • March 2013
  • February 2013
  • January 2013
  • December 2012
  • November 2012
  • October 2012
  • September 2012
  • August 2012
  • July 2012
  • June 2012
  • May 2012
  • April 2012
  • March 2012
  • February 2012
  • January 2012
  • December 2011
  • November 2011
  • October 2011
  • September 2011
  • August 2011
  • July 2011
  • June 2011
  • May 2011
  • April 2011
  • March 2011
  • February 2011
  • January 2011
  • December 2010
  • November 2010
  • October 2010
  • September 2010
  • August 2010

© 2019 UC Regents