The following is information pertinent to our users from Commonwealth Security and Risk Management: CSRM has been monitoring a recently announced unpatched vulnerability in Internet Explorer that is being actively exploited.  The exploit allows an attacker to infect an user using a malicious website that has been specifically crafted to take advantage of this vulnerability.  When the user visits the site, the malware is downloaded to their PC.  The malware is then installed the next time the user logs into their system. The vulnerability affects Internet Explorer versions 6 – 9.  Microsoft has not released a patch for this vulnerability, however, they have released a security advisory with several workarounds that can be used until a patch can be released.  Users should consider using a different web browser if possible.  The workaround identified in the Microsoft security advisory are as follows: Deploy the Enhanced Mitigation Experience Toolkit Set Internet … [Read more...]

Information Security is encouraging users on both PCs and Macs to update Java due to a security vulnerability. Users can upgrade to the latest version of Java at: http://java.com/ More details regarding the security vulnerabilities may be located at: https://blogs.oracle.com/security/entry/security_alert_for_cve_20121 … [Read more...]

Notice from DHRM: The message below is being distributed to state employees, and apparently originated in the United Kingdom (the British Isles).  This email has no connection to any of the state benefit programs, including the health care plans. Please advise your employees not to click the links within this message. As always, thank you for your assistance.   … [Read more...]