UCL Computer Security Newsletter - May 2007
The purpose of this newsletter is to keep all security reps and other
interested parties informed about what is happening around UCL
regarding computer security. Further information from the Computer
Security Team is always available at http://www.ucl.ac.uk/cert.
Note - no April newsletter because of Easter break.
Microsoft as ever.
Symantec AV - a variant of Spybot is doing the rounds that exploits a
vulnerability in an old version of Symantec anti-virus even if the
Windows is fully patched, although it exploits various other
vulnerabilities too. It may also compromise machines with weak
administrator passwords. Further details at
2. JISC Legal - Interception and Monitoring Law
There will be a live webcast on Wednesday 16th May 2-3.45 pm - see
http://www.jisclegal.ac.uk/Webcast/index.html for further details.
IS have a webpage and mailing list information relating to the use of
PHP at UCL at http://www.ucl.ac.uk/is/php/ - issues such as best
practice with respect to security issues will be discussed here.
4. Important - Institutional Firewall
It is UCL policy that all departments will be protected by the
institutional firewall. A programme of transitions is currently
taking place and will run through to early August.
Please note all correspondence from the UCL Computer Security Team is
digitally signed either with personal PGP keys or the CERT team key
(public keys available from http://www.ucl.ac.uk/cert/contacts.html).
This newsletter and previous ones are available at
http://www.ucl.ac.uk/cert/cst-newsletters/index.html (except currently the
March one as that had sensitive information in it.
We welcome feedback on the content and organisation of documents on
our web page.