UCL Computer Security Newsletter - May 2006

The purpose of this newsletter is to keep all security reps and other
interested parties informed about what is happening around UCL
regarding computer security. Further information from the Computer
Security Team is always available at http://www.ucl.ac.uk/cert.

1. Updates

Microsoft - 3 updates - 2 critical.

One of the critical updates concerns Exchange server. This
vulnerability affects both Exchange 2000 and 2003. Updates and
further details are available from the Microsoft bulletin.

http://www.microsoft.com/technet/security/Bulletin/MS06-019.mspx

Sophos anti-virus - there is a critical vulnerability in many of the
products - please see Sophos' advisory and details about updates at

http://www.sophos.com/support/knowledgebase/article/4934.html.

2. Institutional Firewall

It is UCL policy that all departments will be protected by the
institutional firewall. We are contacting departments with a
schedule for placing them behind the Institutional Firewall.

3. General

Please note all correspondence from the UCL Computer Security Team is
digitally signed either with personal PGP keys or the CERT team key
(public keys available from http://www.ucl.ac.uk/cert/contacts.html).

This newsletter and previous ones are available at
http://www.ucl.ac.uk/cert/cst-newsletters/index.html.

We welcome feedback on the content and organisation of documents on
our web page.