STEAM

Advisory Alerts

• Phishing Email - "Your myMail Account is on Restriction"

  There was recently a spear-phishing attempt that was sent out to Purdue users that attempted to trick them into logging into a fake myMail login page.

  Posted by ITSP - Security on April 19, 2013.

• Phishing Email Alert: **{Suspension Of Your purdue.edu Account}**

  New spear phishing attempt targeting Purdue students, faculty, and staff.

  Posted by ITSP on January 27, 2013.

• Phishing Email Alert: [Your Webmail Account is on Restriction]

  A spear-phishing attempt is circulating targeting Purdue users.

  Posted by ITSP - Security on January 24, 2013.

• (UPDATED 1/14) Java 7 Zero Day Vulnerability

  On January 10, 2013, security researchers reported an unpatched vulnerability in Oracle Java 1.7u10.

  Posted by Curt Jansen on January 11, 2013.

• Java Zero-Day Patched

  Sun Java vulnerability caused by an input handling error that can be exploited to execute Java based programs has been reported. NOTE: Patch Available

  Posted by Brad Graves on April 16, 2010.

• Microsoft Server Message Block (SMB) Vulnerability allows for Remote Code Execution

  Update 2: Microsoft has released a "Fix-it" tool to automatically disable the SMBv2 service, which is presently the only known mitigation technique other than implementing firewall rules to block SMB traffic.

  Posted by William Harshbarger on October 02, 2009.

• Microsoft Office Web Components ActiveX Remote Code Execution Vulnerability

  The Microsoft Office Web Components ActiveX control used by Internet Explorer contains a vulnerability that when exploited will allow an attacker to gain rights of the local user and allow remote code execution.

  Posted by William Harshbarger on July 13, 2009.

• Critical Unpatched Internet Explorer Issue

  An unpatched vulnerability exists in Internet Explorer 7 which may allow an attacker to compromise a user's system simply by having the user browse to a specially crafted web page. User's should be EXTREMELY cautious while browsing the web with IE7 before a patch is released and downloaded, and it is suggested that an alternate web browser be used. This exploit has already been seen in active use in the the wild.

  Posted by William Davis on December 12, 2008.

• Phishing Emails Threatening Internet Service Disconnection Carry Virus

  This email has been reported by numerous users of Purdue email systems. In some cases it has been reported that the .exe file contained in the zip file attachment named "user-EA49943X-activities.zip" has propagated automatically to c:\temp\escan\user-EA49943X-activities.zip\user-EA49943X-activities.exe where a virus scanner had flagged its presence. It is unknown by what mechanism this file was unzipped as none of the users reported clicking on or opening the email.

  Posted by Brett Davis on September 17, 2008.

• Critical SSH Issue Involving Education and Research Institutions

  Starting in March of this year, a large number of research and education systems have been compromised using stolen SSH keys. The keys are used to gain system access as an unprivileged user, and then local kernel exploits are used to gain administrative access and install a rootkit and gather more SSH keys.

  Posted by William Davis on August 26, 2008.

• Multiple reports of attempted and successful SQL injection attacks against campus web sites.

  Multiple reports of attempted and successful SQL injection attacks against campus web sites.

  Posted by Kitch Spicer on July 18, 2008.

• Adobe Acrobat and Reader Vulnerability affects Windows and Macs

  Adobe has reported a critical vulnerability in Acrobat and Reader. The vulnerability could allow a malicious user to crash an affected machine to gain full access. Most versions are affected.

  Posted by Douglas Couch on June 30, 2008.

• Multiple Xserver and XInput Vulnerabilities

  Multiple vulnerabilities have been discovered in the server code of the X window system, which can cause an assortment of overflows. Local exploitation of these overflows cause the X server to crash or allow the execution of arbitrary code in certain situations.

  Posted by Kitch Spicer on January 23, 2008.

• Critical Vulnerabilities In Adobe Flash Content May Lead to Cross-Site Scripting (XSS) Attacks

  Critical vulnerabilities in Adobe Flash content have been found which leave potentially hundreds of thousands of websites and a considerable percentage of major Internet sites susceptible to Cross-Site Scripting (XSS) attacks that would allow malicious individuals to steal personal details of visitors.

  Posted by Nathan Heck on January 14, 2008.

• Adobe Flash Player: Multiple Vulnerabilities

  Adobe Flash Player and Flash Plugin have been found to have multiple vulnerabilities which could allow an attacker to remotely execute code on a vulnerable system, obtain sensitive information via browser keystrokes, and allow cross-site request forgery. These vulnerabilities affect all users of Adobe Flash Player regardless of platform (Win, Mac, Solaris, and Linux). A new version that addresses the security issues has been released by Adobe.

  Posted by Douglas Couch on July 17, 2007.