USI IT Advisory: UPDATE - Internet Explorer Critical Vulnerability
Sent 5/2/2014: This advisory is very important for anyone using Windows on campus or at home.
Microsoft has released patches to address the recent Internet Explorer critical vulnerability. Because this fix is needed immediately, we have released these updates to the campus. This should patch tonight for most computers, and if your computer is off overnight it should attempt to patch in the morning. It is likely your computer will need to reboot after receiving the patches.
Even though Microsoft has stated they will no longer patch XP, they did go ahead and provide a patch for this issue to XP users. If you run Windows at home, you should make sure you apply the patches to your home computer.
USI IT Advisory: Internet Explorer Critical Vulnerability
Sent 4/29/2014: This advisory is very important for anyone using Windows on campus or at home.
Microsoft has announced a critical vulnerability in Internet Explorer and this is being actively exploited already. The vulnerability allows the hacker to remote control your computer. No patch has arrived yet from Microsoft, but when it does we will release it to the campus immediately.
Effective right away, you should stop using Internet Explorer for browsing to any web sites that are outside of USI (browsing to web sites within *.usi.edu are safe, although it is probably best to use another browser to prevent accidentally browsing outside of USI). Firefox and Chrome are recommended. We will update this as more information becomes available.
USI IT Advisory: Security issues
Sent 4/9/2014: You may have seen information concerning the “Heartbleed” vulnerability. This is one of the most wide-spread vulnerabilities ever disclosed, affecting a very large portion of the Internet. When you browse to a web site using https, you should feel secure that you can enter your username and password and no one can see it. If a web site was hacked with the Heartbleed vulnerability, the hacker can easily see your username and password. Also, it is almost impossible for the web site operator to know if they have been hacked. Almost all major sites have been patched (gmail, yahoo mail, banking sites, etc.) but some smaller sites may not be. Since it is difficult to tell if your password has been stolen, the safest course of action is to change your password. We have updated USI web servers that were at risk.
Microsoft has officially stopped supporting Windows XP. What this means is if security vulnerabilities are found in XP, they won’t be patched and your computer will be at risk. We don’t see any immediate risk, but over time this risk will increase. We have identified about 100 computers still running XP on this campus and are stepping through getting these replaced, but it will probably take 6-10 weeks. If you are still running a USI computer with XP on the campus network, we will be contacting you to upgrade. If you have an older USI owned laptop at home with XP, it is quite likely it is past end of life and you may need to talk with your department about replacing it. And if you have a personally owned computer running XP at home, it is time to start thinking about replacing it. I have seen decent Dell desktops for as low as $340.
I have been hearing some increased talk of phone based scams, for example here: https://germanamerican.com/community/news--events. With modern phone systems, it is simple to make the caller ID look like it is a local number when in fact the call originates from overseas. These callers use what is known as “spear phishing”, which is a targeted attack. So for example you may ask – how did they know I had an account with ETFCU? Well, they probably don’t know. They just auto-dial random numbers in the 812 area code and they know they will get some hits. Never give out passwords, bank account numbers, etc. on any call you receive. If you think it is your bank calling, hang-up and call the bank directly.
One other type of hack we have seen is the social engineering technique. This technique tries to get you to divulge information based on the caller or sender presenting false information. A recent one had the person represented as a retired volunteer firefighter, looking to add patches, pictures, and other information to their collection. I have no idea what they are doing but it will probably result in trouble. Always treat any unsolicited contact with suspicion.
IMPORTANT: New Blackboard Version
Sent 4/1/2014: This advisory is important for faculty using Blackboard. If you are not a Blackboard user, you can ignore this message.
USI IT is releasing a new version of Blackboard and instructors now have access to the new site. This new version of Blackboard will be required starting with the SUMMER 2014 semester and summer classes have already been loaded. You will still be able to access your previous courses on the old system for at least one year. Blackboard 9.1 sp 14 has new features and a new look and feel, and we want to make sure you have an opportunity to explore this new version. Tutorials on new features have been posted and we will conduct a number of training sessions in April. Faculty and staff (but not students) can now access the New Blackboard through MyUSI.
To view tutorials please follow this link:
To register for training, please follow this link:
Windows Patch Night
Sent 3/18/2014: This advisory affects all of our Windows desktop users on campus. Tonight we expect to see Microsoft patches delivered to the campus.
This process occurs each month, and we will be letting you know when this is planned to occur.
If your computer is part of our “managed desktops” environment, tonight when you leave logoff your computer but don't shut it down. Patches for our managed desktops are scheduled for installation at 6AM in the morning and your computer will reboot afterwards and be ready for use by 7AM.
If you don’t know if your computer is part of our “managed desktops”, most likely it isn’t. In this case, patching will be no different from how it has happened in the past, and sometime later today or tonight you should see the patches arrive.
Richard Toeniskoetter 812-464-1733
Adobe Flash Security Issue
Sent 2/6/2014: A very high severity exploit has been announced for Adobe Flash. This software is installed on almost all campus computers. The exploit allows the hacker to remotely access and control your computer, and applies to both Windows and Mac computers. You can be exposed to this exploit by browsing the web, and it has already been found on the Internet.
Adobe is advising everyone to update to Flash version 18.104.22.168. We are seeing about ¼ of all campus computers have already been updated. Beginning this afternoon we are going to start pushing this patch to computers with older versions. You may see a window like the image below – this is our Kace tool automatically pushing the update. There are over 50 different versions of Flash running on campus computers, and this makes it difficult to predict exactly what you will see. You may even see it twice, because different browsers can have different versions. If you see this image below, you are being updated. Follow the prompts, and if you are unclear as to what is happening, please contact the Help Desk at x1080.
Any questions, please let me know.
USI IT Advisory
Sent 2/5/2014: Starting right away, IT will be using this email address (USI IT Advisory) to send important informational or advisory messages to USI employees about computing issues on the campus. I intend to keep these concise and clear, and I need everyone to recognize that these messages are important to read. We already have a few things queued up and you will see several messages this week.
If you have any questions or concerns about what is sent or any other IT issues, please contact me.
Executive Director Information Technology
University of Southern Indiana
Upgrade to Eagles Mail Aug-2013
Can't access your eagles mail? Temporary workaround is go to https://outlook.com/eagles.usi.edu
sent 8/19/2013: During the coming week, you will notice your myUSI Eagles email will look different. Microsoft, who provides our Eagle Mail service, is updating their system. The changes for email are mostly cosmetic, and we don't expect it to affect your email use. You should be able to logon to myUSI and use your Eagles mail as before. If you do experience any problems with your email, contact the USI IT Help Desk at 812-465-1080 for assistance. If we find any problems with the update, we will post information on the myUSI home page.
This has no effect on the faculty and staff Exchange email system.
Some of you may have used SkyDrive that was part of your Eagles email account to store files. Microsoft is separating SkyDrive out of our Eagles email service. If you have files on SkyDrive, make sure you can access them at https://skydrive.live.com. After the update, the help desk won't be able to reset passwords on SkyDrive.
Users should be able to login to their accounts throughout the upgrade by visiting https://my.usi.edu just as before. They will notice a cosmetic difference in the interface once their mailbox is converted.
The migration is expected to be complete in 48 to 72 hours.
You can now setup Eagles Mail on your smartphone
Before you can configure Eagles Mail on your smartphone, you will need to know your mobile PIN that we set on your Eagles Mail account.
Find your Mobile PIN
Setup your smartphone
Use the appropriate link below for detailed instructions for your device or view the YouTube instructions
Your device not listed?
Get your settings in Eagles Mail
If you have difficulties setting up Eagles Mail on your smartphone, you can stop by the IT Help Desk at FA 41 or call (812) 465-1080.