AgSci IT Tech Alerts

Penn State Password Management Upgrade

2011-12-05T08:49:00.001-05:00

Beginning Monday, December 5, 2011, Information Technology Services (ITS) unveiled its newest upgrade that enables users to reset their forgotten or expired Penn State Access Account password without the assistance of the ITS Accounts Office.

The Password Management page, work.psu.edu/password, will feature three options for users. The first option to change one's password remains unchanged, while a process to create/update security questions will be available along with a section for forgotten passwords.

In order to take full advantage of the upgrade, however, security questions must be set. By establishing security questions through the Password Management page, users will be able to reset their Access Account password if forgotten or expired. This function will be accessible from anywhere that there is an Internet connection.

If users opt out of enabling the security questions, they will need to follow the current procedures in place should their Access Account password expire, or is forgotten; as such, they must visit a signature station at one of the University's campuses, or contact the ITS Account Services Office at the University Park campus.

Ag IT STRONGLY RECOMMENDS that you setup Security Questions to be able to reset your Access Account password in the event that it has expired or has been forgotten.

See How To Update Your Penn State Access Account Security Questions.

Note: County Extension Staff Only - If you don't know your Penn State ID number, you may contact Extension Payroll at 814-865-5410. Staff can look up your 9 digit Penn State ID number. If there are several county-based staff who need to know their Penn State ID number, please create a list of Access Account UserIDs, First and Last Names for her. In addition, you do NOT need to provide a SSN number to get your Penn State ID number. SSN numbers should never be sent via email in any case.

Update Released for Adobe Flash Player (version 10.3.181.34)

2011-07-07T07:20:00.003-04:00

On June 30, 2011 Adobe released a update for Adobe Flash Player.

Note: This is NOT a security update.

Summary
Adobe Flash Player 10.3.181.34 addresses compatibility issues with some content using cross-domain policy files.

Action Required: None

If you want to update to the most current version, see our How To Install Updates to Adobe Flash Player, http://agsci.psu.edu/it/how-to/install-updates-to-adobe-flash-player.

Note: The above steps are written for Internet Explorer on a Windows computer. Your account on the computer must be an Administrator to follow these steps. If your account is not an Administrator and are using a College of Ag Enterprise Network computer, you can submit a Help Request to have the update applied for you.

Note: If you use multiple browsers, perform the check for each browser you have installed on your computer.

Security Update Released for Adobe Flash Player (version 10.3.181.26)

2011-06-15T08:37:00.001-04:00

On June 14, 2011 Adobe released a Security advisory called Security update available for Adobe Flash Player that announced the availability of an update to their Flash Player 10 software.

Note: There are reports that this vulnerability is being exploited in the wild in targeted attacks via a malicious Web page. The advisory states in part:

Summary
A critical vulnerability has been identified in Adobe Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.23 and earlier versions for Android. This memory corruption vulnerability (CVE-2011-2110) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via malicious Web pages.

Action Required: Ag IT recommends that you update the Adobe Flash Player on your Enterprise machine (or other devices that use Adobe Flash).

For steps, see our How To Install Updates to Adobe Flash Player, http://agsci.psu.edu/it/how-to/install-updates-to-adobe-flash-player.

Note: If you use multiple browsers, perform the check for each browser you have installed on your computer.

Security Update Available for Adobe Reader and Acrobat

2011-06-15T08:27:00.003-04:00

Adobe shipped critical security updatese to its Adobe products on June 14, 2011 that addresses a vulnerability that can cause the application to crash and allow an attacker to take control of the affected system.

Action Required: Ag IT recommends that College of Ag Science faculty and staff update any Adobe products to the current version.

Note: Along with applying this update, we also recommend that you follow these steps to Secure Adobe Reader to Prevent Malware once you have your Adobe products updated!!

You should be able to use the built-in Updater program to update the software.

Open Adobe Reader or Adobe Acrobat Professional.
From the Help menu choose Check for Updates.
If updates were found, follow the on-screen steps to update.

Note: If an update is downloaded, close Adobe before applying the update.
Then re-open Adobe. Repeat steps 1 - 3 until no more updates are available.

Note

Acrobat for Windows downloads

Note

The Adobe Security bulletin, Security Updates available for Adobe Reader and Acrobat, has additional information and links.

Oracle Java Standard Edition (SE) 6 Update 26 Released

2011-06-07T14:48:00.001-04:00

As of June 7, 2011, the current version of the Oracle Java client is Java(TM) 6 Update 26.

Action Required:
If you see the Java Update icon or "Java Update Available" balloon in the lower right corner of the screen, the latest version of Java should be ready to install. You can click the icon and follow its prompts to apply the update.

Note: We recommend that you do not install any offered "extras" like Carbonite Backup, Microsoft's Bing Toolbar, MSN Toolbar, or OpenOffice.org Installer. Please un-check these options if they appear.

Or, our How To Update Sun's Java Software has complete steps on how to install Java from either the "Java Update Available" message or how to download and install Java manually .

Fixed:
Java SE 6 Update 26 contains 17 new security vulnerability fixes for Oracle Java SE. All these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.

Oracle Update Release Notes can be found here: http://www.oracle.com/technetwork/java/javase/releasenotes-136954.html

Note:
Java is a programming language and computing platform first released by Sun Microsystems in 1995. Java Standard Edition or Java SE is used by your computer to run certain web based applications. These may include web based training applications.
http://www.java.com/en/about/

Security Update Released for Adobe Flash Player (version 10.3.181.23)

2011-06-06T08:55:00.004-04:00

On June 5, 2011 Adobe released a Security advisory called Security update available for Adobe Flash Player that announced the availability of an update to their Flash Player 10 software.

Note: There are reports that this vulnerability is being exploited in the wild in targeted attacks via a malicious Web page. The advisory states in part:

Summary
An important vulnerability has been identified in Adobe Flash Player 10.3.181.16 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.22 and earlier versions for Android. This universal cross-site scripting vulnerability (CVE-2011-2107) could be used to take actions on a user's behalf on any website or webmail provider, if the user visits a malicious website. There are reports that this vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message.

Action Required: Ag IT recommends that you update the Adobe Flash Player on your Enterprise machine (or other devices that use Adobe Flash).

For steps, see our How To Install Updates to Adobe Flash Player, http://agsci.psu.edu/it/how-to/install-updates-to-adobe-flash-player.

Note: If you use multiple browsers, perform the check for each browser you have installed on your computer.

Adobe Flash Player Update Released for Internet Explorer

2011-06-02T07:13:00.004-04:00

On June 1, 2011 Adobe released an update to their Flash Player 10 software. This release is for Internet Explorer browsers on Windows only.

Summary

Flash Player 10.3.181.16 addresses an issue with hardware acceleration on some systems with Intel HD Graphics adapters when viewing SWF content in Internet Explorer 9. With Flash Player 10.3.181.14 installed, SWF content appeared in the upper-left corner of the screen.

Action Required: Ag IT recommends that you update the Adobe Flash Player on your Enterprise machine even though this update does not fix a security vulnerability. This update can be installed on computers using earlier versions of Internet Explorer as well.

For steps, see our How To Install Updates to Adobe Flash Player, http://agsci.psu.edu/it/how-to/install-updates-to-adobe-flash-player.

Note: Keeping 3rd party software up-to-date is GOES A LONG WAY to keep your computer safe from being infected by malware.

How To Download Latest Updates for Enterprise Dell Computers

Security Update Released for Adobe Flash Player (v10.3.181.14)

2011-05-16T08:37:00.004-04:00

On May 12, 2011 Adobe released a Security advisory called Security update available for Adobe Flash Player that announced the availability of an update to their Flash Player 10 software.

Note:
The advisory states in part: There are reports of malware attempting to exploit one of the vulnerabilities, CVE-2011-0627, in the wild via a Flash (.swf) file embedded in a Microsoft Word (.doc) or Microsoft Excel (.xls) file delivered as an email attachment targeting the Windows platform. However, to date, Adobe has not obtained a sample that successfully completes an attack.

Summary
Critical vulnerabilities have been identified in Adobe Flash Player 10.2.159.1 and earlier versions (Adobe Flash Player 10.2.154.28 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.2.157.51 and earlier versions for Android. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.

Action Required: Ag IT recommends that you update the Adobe Flash Player on your Enterprise machine (or other devices that use Adobe Flash) to mitigate the effects of malicious SWF (Flash) files that you might view in your web browser, Word, or Excel file.

For steps, see our How To Install Updates to Adobe Flash Player, http://agsci.psu.edu/it/how-to/install-updates-to-adobe-flash-player.

Note: If you use multiple browsers, perform the check for each browser you have installed on your computer.

Note: Additional help can be found at Adobe Support:

Oracle Java Standard Edition (SE) 6 Update 25 Released

2011-05-03T13:42:00.002-04:00

As of April 24, 2011, the current version of the Oracle Java client is Java(TM) 6 Update 25.

Action Required:
If you see the Java Update icon or "Java Update Available" balloon in the lower right corner of the screen, the latest version of Java should be ready to install. You can click the icon and follow its prompts to apply the update.

Note: We recommend that you do not install any offered "extras" like Carbonite Backup, Microsoft's Bing Toolbar, MSN Toolbar, or OpenOffice.org Installer. Please un-check these options if they appear.

Or, our How To Update Sun's Java Software has complete steps on how to install Java from either the "Java Update Available" message or how to download and install Java manually .

Fixed:
Java SE 6u25 does not add any fixes for security vulnerabilities beyond those in Java SE 6u24. Users who have Java SE 6u24 have the latest security fixes and do not need to upgrade to this release to be current on security fixes.

In Java SE 6 Update 25 support has been added for the Internet Explorer 9, Windows 7 with SP1, Firefox 4, and Chrome 10.

The full list of changes may be found here: http://www.oracle.com/technetwork/java/javase/6u25releasenotes-356444.html

Note:
Java software allows you to run applications called “applets” that are written in the Java programming language. These applets allow you to play online games, chat with people around the world, calculate your mortgage interest, and view images in 3D. These may include web based training applications.
http://www.java.com/en/about/

Security Update Available for Adobe Reader and Acrobat

2011-04-22T05:53:00.003-04:00

Adobe shipped a critical security update to its Adobe products on April 21, 2011 that addresses a vulnerability that can cause the application to crash and allow an attacker to take control of the affected system.

Action Required: Ag IT recommends that College of Ag Science faculty and staff update any Adobe products to the current version.

Note: Along with applying this update, we also recommend that you follow these steps to Secure Adobe Reader to Prevent Malware once you have your Adobe products updated!!

You should be able to use the built-in Updater program to update the software.

Open Adobe Reader or Adobe Acrobat Professional.
From the Help menu choose Check for Updates.
If updates were found, follow the on-screen steps to update.

Note: If an update is downloaded, close Adobe before applying the update.
Then re-open Adobe. Repeat steps 1 - 3 until no more updates are available.

Note

Acrobat for Windows downloads

Note

The Adobe Security bulletin, Security Updates available for Adobe Reader and Acrobat, has additional information and links.

Security Update Released for Adobe Flash Player

2011-04-16T04:35:00.004-04:00

On April 15, 2011 Adobe released a Security advisory called Security update available for Adobe Flash Player that announced the availability of an update to their Flash Player 10 software.

Note: There are reports that this vulnerability is being exploited in the wild in targeted attacks via a malicious Web page, or a Flash (.swf) file embedded in a Microsoft Word (.doc) or Microsoft Excel (.xls) file delivered as an email attachment, targeting the Windows platform. The advisory states in part:

Summary
A critical vulnerability has been identified in Adobe Flash Player 10.2.153.1 and earlier versions (Adobe Flash Player 10.2.154.25 and earlier for Chrome users) for Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player 10.2.156.12 and earlier versions for Android. This vulnerability (CVE-2011-0611), as referenced in Security Advisory APSA11-02, could cause a crash and potentially allow an attacker to take control of the affected system.

For steps, see our How To Install Updates to Adobe Flash Player, http://agsci.psu.edu/it/how-to/install-updates-to-adobe-flash-player.

Note: If you use multiple browsers, perform the check for each browser you have installed on your computer.

Adobe Releases Multiple Security Updates, March 2011

2011-03-22T05:02:00.002-04:00

Adobe shipped critical security updates to its Adobe products on March 21, 2011. Products affected are Adobe Reader and Adobe Acrobat as well as Adobe Flash Player.

Adobe addressed vulnerabilities in these products that that could cause the application to crash and allow an attacker to take control of the affected system.

Action Required: Ag IT recommends that College of Ag Science faculty and staff update any Adobe products to the current version.

Adobe Reader and Adobe Acrobat

To update Adobe Reader 9 to the current version, follow our How To Install and Configure Adobe Reader v9 for Windows.
If your computer has Adobe Acrobat Professional v9 or vX installed, you should be able to use the built-in Updater program to update the software.
a) From the Help menu choose Check for Updates.
b) If updates were found, follow the on-screen steps to update.

Note: If an update is downloaded, close Adobe before applying the update. Then re-open Adobe. Repeat steps a - b until no more updates are available.

Note: If the automatic updater does not find the latest updates, and your version is not the most current one, go to the Acrobat for Windows downloads page. Scroll down to locate the update for your version. Download and install.

Note: Along with applying this update, we also recommend that you follow these steps to Secure Adobe Reader to Prevent Malware once you have your Adobe products updated!!

Note: Earlier versions of Adobe Acrobat Professional (version 8 or lower) will not receive this patch. This updates represent an out-of-cycle release.

Adobe Flash Player

To update Adobe Flash Player to the current version, follow our How To Install Updates to Adobe Flash Player, http://agsci.psu.edu/it/how-to/install-updates-to-adobe-flash-player.

Note: If you use multiple browsers, perform the check for each browser you have installed on your computer.

The Adobe Security bulletins and advisories page, http://www.adobe.com/support/security, has additional information and links on these updates.

Acrobat 9.4.2 Update Causes Printing Problems

2011-03-03T09:15:00.003-05:00

After updating to Acrobat 9.4.2, one of the following occurs when you print to a printer from Acrobat:

Error: "Before you can perform print-related tasks such as page setup or printing a document, you need to install a printer."
Nothing happens when you click OK in the Print dialog box. For example, no progress bar appears and nothing is printed.

Adobe has released a files called "AcrobatPatchApplication.exe" to fix the issue. You may download and run from here.

http://kb2.adobe.com/cps/891/cpsid_89178.html

Oracle Java Standard Edition (SE) 6 Update 24 Released

2011-02-16T05:51:00.006-05:00

As of February 15, 2011, the current version of the Oracle Java client is Java(TM) 6 Update 24.

Action Required:
If you see the Java Update icon or "Java Update Available" balloon in the lower right corner of the screen, the latest version of Java should be ready to install. You can click the icon and follow its prompts to apply the update.

Note: We recommend that you do not install any offered "extras" like Carbonite Backup, Microsoft's Bing Toolbar, MSN Toolbar, or OpenOffice.org Installer. Please un-check these options if they appear.

Or, our How To Update Sun's Java Software has complete steps on how to install Java from either the "Java Update Available" message or how to download and install Java manually .

Fixed:
Java SE 6 Update 24 contains a fix for a security vulnerability that allowed an attacker to cause "a complete denial of service" on your computer. If a Java application attempted tp convert "2.2250738585072012e-308" into a floating point number in Java, the bug caused an endless loop that resulted in a 100% load on your computer's processor.

The full list of changes may be found here: http://www.oracle.com/technetwork/java/javase/6u24releasenotes-307697.html

Note:
Java is a programming language and computing platform first released by Sun Microsystems in 1995. Java Standard Edition or Java SE is used by your computer to run certain web based applications. These may include web based training applications.
http://www.java.com/en/about/

Adobe Releases Multiple Security Updates

2011-02-09T08:17:00.006-05:00

Adobe shipped critical security updates to its Adobe products on February 8, 2011. Products affected are Adobe Reader and Adobe Acrobat as well as Adobe Flash Player.

Adobe addressed vulnerabilities in these products that that could cause the application to crash and allow an attacker to take control of the affected system.

Action Required: Ag IT recommends that College of Ag Science faculty and staff update any Adobe products to the current version.

Adobe Reader and Adobe Acrobat

To update Adobe Reader 9 to the current version, follow our How To Install and Configure Adobe Reader v9 for Windows.
If your computer has Adobe Acrobat Professional v9 or vX installed, you should be able to use the built-in Updater program to update the software.
a) From the Help menu choose Check for Updates.
b) If updates were found, follow the on-screen steps to update.

Note: If an update is downloaded, close Adobe before applying the update. Then re-open Adobe. Repeat steps a - b until no more updates are available.

Note: If the automatic updater does not find the latest updates, and your version is not the most current one, go to the Acrobat for Windows downloads page. Scroll down to locate the update for your version. Download and install.

Note: Along with applying this update, we also recommend that you follow these steps to Secure Adobe Reader to Prevent Malware once you have your Adobe products updated!!

Note: Earlier versions of Adobe Acrobat Professional (version 8 or lower) will not receive this patch. This updates represent an out-of-cycle release.

Adobe Flash Player

To update Adobe Flash Player to the current version, follow our How To Install Updates to Adobe Flash Player, http://agsci.psu.edu/it/how-to/install-updates-to-adobe-flash-player.

Note: If you use multiple browsers, perform the check for each browser you have installed on your computer.

The Adobe Security bulletins and advisories page, http://www.adobe.com/support/security, has additional information and links on these updates.

USB drive becomes 'PENDRIVE' - Remove AUTORUN.INF virus

2011-02-07T07:49:00.025-05:00

Ag IT Support has received several reports of College staff with Dell Enterprise machines with Windows XP becoming infected with an AUTORUN.INF virus recently.

Computers have become infected via the use of USB drives at conferences in particular. If your USB is placed into an infected machine, the drive name will be listed as PENDRIVE. If you place this drive into another Windows machine, the virus will be implanted there, ready to infect the next USB drive attached to the computer. This will continue to spread the virus via other USB drives to other computers.

NOTE: You should not insert an infected USB drive (e.g. memory stick) into any other computers until the virus is cleaned.

Malwarebytes' Anti-Malware can detect and remove most Malware with no further actions required for free. You should install it first to be sure you can scan and double check for the AUTORUN.INF virus.

Download Malwarebytes' Anti-Malware

Go to this link, click the Download Latest Version. Save the file to your desktop.

http://www.filehippo.com/download_malwarebytes_anti_malware/

Double-click on the mbam-setup.exe (where the x represent numbers) to install the application.

When the installation begins, follow the prompts and do not make any changes to default settings.

When installation has finished, make sure you leave the first choice checked but un-check the 2nd.

[check] Update Malwarebytes' Anti-Malware
[uncheck] Launch Malwarebytes' Anti-Malware

Click Finish. Wait for the program to update. Click OK.

Block the AUTORUN.INF virus

These steps will tell Windows to not execute the information in any AUTORUN.INF file that may be present. This is a great method to prevent Windows from being infected by virus through autorun.inf method. The only downside of this is that if you insert a USB Drive, CD or DVD with software on it, you have to open it by manually.

Click Start, choose All Programs, and open Notepad.
Copy the text below and paste it into the blank Notepad window.

REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"
Save the file with this name to the desktop (be sure the extension is .reg and not .txt):

NoAutoRun.REG
Close Notepad.
Double click on NoAutoRun.REG and click Yes if you're asked "Are you sure you want to add the information in C:\NoAutoRun.reg to the registry?"

Clean the AUTORUN.INF virus

Insert the USB drive.
Open My Computer. Make a note of the Drive Letter assigned to the USB drive (for example Drive letter E).
Click Start, choose Run.
Type cmd into the Open box. Press Enter.

Note: This will open a command prompt window. Within the command prompt window type the following text in bold and then press Enter.
Type cd\ and press Enter.

Note: In step 5, you will type the drive letter
Type the drive letter followed by a colon (for example E: or F:). Press Enter.

Note: In step 7 there is no space between the dashes and the letters but there is a space after the letters.
Type attrib -r -h -s autorun.inf and press Enter.
Type del autorun.inf and press Enter.

Note: If you see a "file not found" message, double check the spelling for Step 8. You may repeat. But the file may not be present on the drive (so it is not infected).
If you have a second USB drive, insert and repeat steps 1 through 8.
Final Step: Open Malwarebytes, choose to do a Full Scan. Scan both the C drive and the USB drive (s). If anything is found, click Show Results. Remove any infections.

Resolved: Alert in Outlook - click "Yes"

2011-01-06T09:10:00.000-05:00

This issue has been resolved. Thank you for your patience.

Alert in Outlook - click "Yes"

2011-01-04T12:32:00.000-05:00

We are currently experiencing an issue with a security certificate on one of our exchange servers. We are working to resolve the issue. You can click "Yes" to proceed to the security alert in Outlook. We will update you as soon as the issue is resolved.

Sun Releases Java(TM) 6 Update 23

2010-12-16T08:52:00.004-05:00

As of December 16, 2010, the current version of Sun's Java client is Java(TM) 6 Update 23.

Action Required:

If you see the Java Update icon or "Java Update Available" balloon in the lower right corner of the screen, the latest version of Java should be ready to install. You can click the icon and follow its prompts to apply the update.

Note: We recommend that you do not install any offered "extras" like Carbonite Backup, Microsoft's Bing Toolbar, MSN Toolbar, or OpenOffice.org Installer. Please un-check these options if they appear.

Or, our How To Update Sun's Java Software has complete steps on how to install Java from either the "Java Update Available" message or how to download and install Java manually .

Fixed:

Java SE 6 Update 23 includes performance improvements. Java SE 6u23 does not contain any additional fixes for security vulnerabilities from its previous release.

The full list of changes may be found here: http://www.oracle.com/technetwork/java/javase/6u23releasenotes-191058.html

RESOLVED: Exchange Server Issue

2010-12-09T14:09:00.000-05:00

Dec 9 at approximately 2 PM the Exchange Server issus was resolved. Mail is being processsed slowly but no mail was lost. Thank you for your patience.

Exchange Server Issues

2010-12-09T09:44:00.002-05:00

Dec 9, 2010 @ 8:30 AM:

We are currently experiencing issue with the College's Exchange (e-mail) server. We are working to repair the error but do not know when the issue will be resolved. We appreciate your patience.

QuickTime 7.6.9 Update Released

2010-12-08T06:14:00.003-05:00

On December 7, 2010, an updated version of QuickTime was released (7.6.9). This update fixes an issue where viewing a maliciously crafted JP2 image may lead to an unexpected application termination or arbitrary code execution. In simple terms, malware could be installed on your computer. See more details here (Scroll down to the Security Updates section and click the link for QuickTime 7.6.9).

Action Required: Please see our How To Install QuickTime for Windows using the Standalone Installer for steps on updating QuickTime to the latest version.

QuickTime is installed on all Enterprise computers. Apple's QuickTime software allows your Enterprise computer to view graphics, videos, on-line video streams (ex: Candidate Interviews in the College), and more.

Security update 9.4.1 Available for Adobe Reader and Acrobat

2010-11-17T06:52:00.006-05:00

Adobe shipped a critical security update to its Adobe products on November 16, 2010 that addresses a vulnerability that can cause the application to crash and allow an attacker to take control of the affected system.

Note: To determine the version of any of the above applications, open the Adobe program. Then from the Help menu choose About Adobe, (name of program). You should see the version listed in a new box. Then, you can click anywhere on this box to close it.

The current version of the Adobe Reader and Adobe Acrobat is version 9.4.1.

Action Required: Ag IT recommends that College of Ag Science faculty and staff update any Adobe products to the current version.

Note: Along with applying this update, we also recommend that you follow these steps to Secure Adobe Reader to Prevent Malware once you have your Adobe products updated!!

To update Adobe Reader 9 to the current version, follow our How To Install and Configure Adobe Reader v9 for Windows.
If your computer has Adobe Acrobat Professional v9 installed as well, you should be able to use the built-in Updater program to update the software.
a) From the Help menu choose Check for Updates.
b) If updates were found, follow the on-screen steps to update.

Note: If an update is downloaded, close Adobe before applying the update.
Then re-open Adobe. Repeat steps a - b until no more updates are available.

Note: If the automatic updater does not find the latest updates, and your version is not the most current one, go to the Acrobat for Windows downloads page. Scroll down to locate the update for your version. Download and install.

Note: Earlier versions of Adobe Acrobat Professional (version 8 or lower) will not receive this patch. This updates represent an out-of-cycle release. The next quarterly security updates for Adobe Reader and Acrobat are scheduled for February 8, 2011.

If you have Adobe Reader version 8.x on your computer, you should remove this version and update to Adobe Reader 9.3. See our How To Install and Configure Adobe Reader v9 for Windows.

The Adobe Security bulletin, Security Updates available for Adobe Reader and Acrobat, has additional information and links.

Security Update Released for Adobe Flash Player

2010-11-08T05:13:00.003-05:00

On November 4, 2010 Adobe released a Security advisory called Security update available for Adobe Flash Player that announced the availability of an update to their Flash Player 10 software. The advisory states in part:

Summary
Critical vulnerabilities have been identified in Adobe Flash Player version 10.1.85.3 and earlier. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.

Affected software versions
Adobe Flash Player 10.1.85.3 and earlier versions

Severity rating
Adobe categorizes these as critical issues and recommends affected users patch their installations.

Action Required: Ag IT recommends that you update the Adobe Flash Player on your Enterprise machine to resolve multiple memory corruption vulnerabilities that could lead to code execution.

For steps, see our How To Install Updates to Adobe Flash Player, http://agsci.psu.edu/it/how-to/install-updates-to-adobe-flash-player.

Note: If you use multiple browsers, perform the check for each browser you have installed on your computer.

Sun Releases Java(TM) 6 Update 22

2010-10-13T05:05:00.003-04:00

As of October 12, 2010, the current version of Sun's Java client is Java(TM) 6 Update 22.

Action Required:
If you see the Java Update icon or "Java Update Available" balloon in the lower right corner of the screen, the latest version of Java should be ready to install. You can click the icon and follow its prompts to apply the update.

Note: We recommend that you do not install any offered "extras" like Carbonite Backup, Microsoft's Bing Toolbar, MSN Toolbar, or OpenOffice.org Installer. Please un-check these options if they appear.

Or, our How To Update Sun's Java Software has complete steps on how to install Java from either the "Java Update Available" message or how to download and install Java manually .

Fixed:
Java SE 6 Update 22 includes performance improvements, several security vulnerabilities fixes, and support for new platforms. The full list of changes may be found here: http://www.oracle.com/technetwork/java/javase/6u22releasenotes-176121.html

Security Alert - The name of the security certificate is invalid or does not match the name of the site

2010-10-11T08:51:00.008-04:00

College of Ag Science faculty and staff with accounts of the Exchange server managed by Ag IT have reported the following Security Alert message when Outlook is opened.

Ag IT is working on fixing this issue causing the message. The issue is server-related but it is NOT a security risk to say "Yes" since the security certificate is OK.

As a workaround, you can hide the error message at the bottom of the screen so it doesn't pop up in your face again once you close the message.

Check back here for an update on this issue.

UPDATE: 9:53 AM The security certificate issue has been resolved and users should no longer get the pop up. If you still see the message, please close and reopen Outlook.

Security updates available for Adobe Reader and Acrobat

2010-10-05T17:07:00.002-04:00

Adobe shipped a critical security update to its Adobe products on October 5, 2010 that addresses a vulnerability that can cause the application to crash and allow an attacker to take control of the affected system.

Note: To determine the version of any of the above applications, open the Adobe program. Then from the Help menu choose About Adobe, (name of program). You should see the version listed in a new box. Then, you can click anywhere on this box to close it.

The current version of the Adobe Acrobat and Adobe Reader is version 9.4.0. If you have an earlier version of Adobe Acrobat Professional, version 8, Adobe has released an 8.2.5 update as well.

Action Required: Ag IT recommends that College of Ag Science faculty and staff update any Adobe products to the current version.

Note: Along with applying this update, we also recommend that you follow these steps to Secure Adobe Reader to Prevent Malware once you have your Adobe products updated!!

To update Adobe Reader 9 to the current version, follow our How To Install and Configure Adobe Reader v9 for Windows.
If your computer has Adobe Acrobat Professional v8 or v9 installed as well, you should be able to use the built-in Updater program to update the software.
a) From the Help menu choose Check for Updates.
b) If updates were found, follow the on-screen steps to update.

Note: If an update is downloaded, close Adobe before applying the update.
Then re-open Adobe. Repeat steps a - b until no more updates are available.

Note: If the automatic updater does not find the latest updates, and your version is not the most current one, go to the Acrobat for Windows downloads page. Scroll down to locate the update for your version. Download and install.

Note: Earlier versions of Adobe Acrobat Professional (version 7 or lower) will not be patched.

Security Update Released for Adobe Flash Player

2010-09-20T18:23:00.007-04:00

On September 20, 2010 Adobe released a Security advisory called Security update available for Adobe Flash Player that announced the availability of an update to their Flash Player 10 software. (Note: this update corrects a dangerous security hole in Flash Player that hackers have been exploiting to break into vulnerable systems.) The advisory states in part:

Summary
Critical vulnerabilities have been identified in Adobe Flash Player version 10.1.82.76 and earlier. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.

Affected software versions
Adobe Flash Player 10.1.82.76 and earlier versions

Severity rating
Adobe categorizes these as critical issues and recommends affected users patch their installations.

Action Required: Ag IT recommends that you update the Adobe Flash Player on your Enterprise machine to mitigate the effects of malicious SWF (Shockwave Flash) files that you might view in your web browser.

For steps, see our How To Install Updates to Adobe Flash Player, http://agsci.psu.edu/it/how-to/install-updates-to-adobe-flash-player.

Note: If you use multiple browsers, perform the check for each browser you have installed on your computer.

QuickTime 7.6.8 Update Released

2010-09-16T07:52:00.005-04:00

On September 15, 2010, an updated version of QuickTime was released (7.6.8). This update fixes an issue where a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. In simple terms, malware could be installed on your computer. See more details here (Scroll down to the Security Updates section and click the link for QuickTime 7.6.8).

Action Required: Please see our How To Install QuickTime for Windows using the Standalone Installer for steps on updating QuickTime to the latest version.

QuickTime is installed on all Enterprise computers. Apple's QuickTime software allows your Enterprise computer to view graphics, videos, on-line video streams (ex: Candidate Interviews in the College), and more.

Security updates available for Adobe Reader and Acrobat

2010-08-20T09:47:00.004-04:00

Adobe shipped a critical security update to its Adobe products on August 19, 2010 that addresses a vulnerability that can cause the application to crash and allow an attacker to take control of the affected system.

Note: To determine the version of any of the above applications, open the Adobe program. Then from the Help menu choose About Adobe, (name of program). You should see the version listed in a new box. Then, you can click anywhere on this box to close it.

The current version of the Adobe Acrobat and Adobe Reader is version 9.3.4. If you have an earlier version of Adobe Acrobat Professional, version 8, Adobe has released an 8.2.4 update as well.

Action Required: Ag IT recommends that College of Ag Science faculty and staff update any Adobe products to the current version.

Note: Along with applying this update, we also recommend that you follow these steps to Secure Adobe Reader to Prevent Malware once you have your Adobe products updated!!

To update Adobe Reader 9 to the current version, follow our How To Install and Configure Adobe Reader v9 for Windows.
If your computer has Adobe Acrobat Professional v8 or v9 installed as well, you should be able to use the built-in Updater program to update the software.
a) From the Help menu choose Check for Updates.
b) If updates were found, follow the on-screen steps to update.

Note: If an update is downloaded, close Adobe before applying the update.
Then re-open Adobe. Repeat steps a - b until no more updates are available.

Note: If the automatic updater does not find the latest updates, and your version is not the most current one, go to the Acrobat for Windows downloads page. Scroll down to locate the update for your version. Download and install.

Note: Earlier versions of Adobe Acrobat Professional (version 7 or lower) will not be patched.

QuickTime 7.6.7 Update Released

2010-08-18T15:52:00.003-04:00

On August 12, 2010, an updated version of QuickTime was released (7.6.7). This update fixes an issue where opening a maliciously movie file may lead to an unexpected application termination or arbitrary code execution. In simple terms, malware could be installed on your computer. See more details here (Scroll down to the Security Updates section and click the link for QuickTime 7.6.7).

Action Required: Please see our How To Install QuickTime for Windows using the Standalone Installer for steps on updating QuickTime to the latest version.

QuickTime is installed on all Enterprise computers. Apple's QuickTime software allows your Enterprise computer to view graphics, videos, on-line video streams (ex: Candidate Interviews in the College), and more.

Security Update Released for Adobe Flash Player

2010-08-11T06:55:00.002-04:00

On August 10, 2010 Adobe released a Security advisory called Security update available for Adobe Flash Player that announced the availability of an update to their Flash Player 10 software. (Note: this update corrects at least 6 security vulnerabilities.) The advisory states in part:

Summary
Critical vulnerabilities have been identified in Adobe Flash Player version 10.1.53.64 and earlier. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.

Affected software versions
Adobe Flash Player 10.1.53.64 and earlier versions

Severity rating
Adobe categorizes these as critical issues and recommends affected users patch their installations.

For steps, see our How To Install Updates to Adobe Flash Player, http://agsci.psu.edu/it/how-to/install-updates-to-adobe-flash-player.

Note: If you use multiple browsers, perform the check for each browser you have installed on your computer.

UPDATE: Network issues have been resolved

2010-08-06T12:56:00.000-04:00

We have resolved the network issues and all services have been restored.
Thank you for your patience.

Network outage and slowness

2010-08-06T11:45:00.000-04:00

We are currently experiencing network issues, which may cause some services to be unavailable or slow. We are working on these issues and we apologize for the inconvenience.

Posted 11:40 AM, 8/6/10

Sun Releases Java(TM) 6 Update 21

2010-07-29T11:35:00.003-04:00

As of July 28, 2010, the current version of Sun's Java client is Java(TM) 6 Update 21.

Action Required:
If you see the Java Update icon or "Java Update Available" balloon in the lower right corner of the screen, the latest version of Java should be ready to install. You can click the icon and follow its prompts to apply the update.

Note: We recommend that you do not install any offered "extras" like Carbonite Backup, Microsoft's Bing Toolbar, MSN Toolbar, or OpenOffice.org Installer. Please un-check these options if they appear.

Or, our How To Update Sun's Java Software has complete steps on how to install Java from either the "Java Update Available" message or how to download and install Java manually .

Fixed:
Java SE 6 Update 21 does NOT contain any additional fixes for security vulnerabilities to its previous release, Java SE 6 Update 20. Users who have Java SE 6 Update 20 have the latest security fixes and do not need to upgrade to this release to be current on security fixes. The full list of changes may be found here: http://www.oracle.com/technetwork/java/javase/releasenotes-136954.html

Security updates available for Adobe Reader and Acrobat

2010-06-30T04:52:00.002-04:00

Adobe shipped a critical security update to its Adobe products on June 29, 2010 that addresses a vulnerability that can cause the application to crash and allow an attacker to take control of the affected system.

Note: To determine the version of any of the above applications, open the Adobe program. Then from the Help menu choose About Adobe, (name of program). You should see the version listed in a new box. Then, you can click anywhere on this box to close it.

The current version of the Adobe Acrobat and Adobe Reader is version 9.3.3. If you have an earlier version of Adobe Acrobat Professional, version 8, Adobe has released an 8.2.3 update as well.

Action Required: Ag IT recommends that College of Ag Science faculty and staff update any Adobe products to the current version.

Note: Along with applying this update, we also recommend that you follow these steps to Secure Adobe Reader to Prevent Malware once you have your Adobe products updated!!

To update Adobe Reader 9 to the current version, follow our How To Install and Configure Adobe Reader v9 for Windows.
If your computer has Adobe Acrobat Professional v8 or v9 installed as well, you should be able to use the built-in Updater program to update the software.
a) From the Help menu choose Check for Updates.
b) If updates were found, follow the on-screen steps to update.

Note: If an update is downloaded, close Adobe before applying the update.
Then re-open Adobe. Repeat steps a - b until no more updates are available.

Note: If the automatic updater does not find the latest updates, and your version is not the most current one, go to the Acrobat for Windows downloads page. Scroll down to locate the update for your version. Download and install.

Note: Earlier versions of Adobe Acrobat Professional (version 7 or lower) will not be patched.

Update: Exchange/Mail issues

2010-06-29T15:59:00.000-04:00

Microsoft Outlook/Exchange issues have been resolved. If you are still having issues, please reboot your computer and try Outlook again. If this does not fix the issue please submit a help request ticket.

Exchange/Mail issues

2010-06-29T10:40:00.002-04:00

We are currently experiencing some Microsoft Outlook/Exchange issues. Ag IT is aware of the issue and we are working to resolve it. We apologize for the inconvenience!

ALERT: Adobe Connect Recording Changes

2010-06-21T13:07:00.000-04:00

Since the Adobe Connect upgrade to version 7.5 that occurred in Mid-May, we have discovered a significant change in the way Adobe Connect handles meeting recordings. In the past, if you had an Adobe Connect meeting room that was accessible to anyone who knew and logged into the meeting room URL, recordings from that room were also accessible by anyone (without the need to log in to view the recording).

Since the upgrade, ALL meeting recordings that are created are set to a “Private” status. Prior to publishing or sharing the recording URL, a HOST will need to change the recording status to “Public”; otherwise, users attempting to view an Adobe Connect recording may get the following error.

Not Authorized. You do not have permission to access this item.

To resolve this issue, a host of the Adobe Connect meeting room will need to follow these steps to make the recordings accessible to the public. NOTE: A host will need to do this for ALL recordings they want others to be able to view/access.

Log into the Adobe Connect meeting room where the recording took place
From the Meeting menu in the upper left corner, select the Manage Meeting Information option and a new browser window will open
In the new browser window, click the Recordings link that is on the link bar directly above the gray Meeting Information bar
Check the box beside the recording(s) that should be accessible to the public
Check the top box (to the left of the Name header) to select all of the recordings
Click the Make Public button
Close the browser window

If you have additional questions, please feel free to submit a help request.

Audio Issues (No Sound) After June 2010 Windows XP Updates

2010-06-17T09:25:00.012-04:00

Last week Windows updates were applied which caused a high volume of issues concerning audio devices. Users were reporting that they no longer had sound coming from speakers/headsets. The sounds were now coming from the System speaker which is located inside the computer.

If you are experiencing an issue with sound please follow the steps below to resolve. To verify your computer was impacted by this issue:

From the Start menu choose Control Panel.

Open the Sound and Audio Devices control panel.

Click the Volume tab and "No audio device" will appear.

If you have "No audio device" please close all programs and follow these steps.

Edit Machine.INF file

Open My Computer.

From the Tools menu choose Folder Options.

Click View tab.

Click Show hidden files and folders.

Click OK.

Open Local Disk (C:).

Open the Windows folder. If you see a warning message about "These files are hidden...", click Show the contents of this folder.

Locate and open the inf folder (it will appear 'grayed' out).

From the View menu choose Details.

Press the M key. This should highlight the file called machine.inf.

Right-click on machine.inf and choose Copy.

Minimize the C:\Windows\inf window to get it out of the way.

Right-click on a blank area of your desktop and choose Paste. (this will create a copy of the machine.inf on the desktop)

Right click on machine.inf file on YOUR DESKTOP and click Open With....

Highlight Notepad. Click OK. (this will open Notepad program)

Scroll down to the section that is called [ControlFlags].

Highlight and remove this line:

ExcludeFromSelect=*
From the File menu choose Save. Close Notepad.

Force Refresh of Audio Device

From the Start menu choose Control Panel.

Open the Add Hardware control panel.

When the Welcome to the Add Hardware Wizard appears, click Next.

Wait for it to search for new hardware.

Choose Yes, I have already connected the hardware and click Next.

Scroll to the bottom of the Installed hardware list and select Add a new hardware device and click Next.

Choose Install the hardware that I manually select from a list (Advanced) and click Next.

Under Common hardware types, select Show All Devices and click Next.

Wait for it to find all devices. (this will take as long as 30 - 60 seconds)

Click Have Disk. Click Browse.

From the Look in: drop down list, choose Desktop.

Highlight machine.inf and click Open.

Click OK.

Under Manufacturer, at the top of the list, select (Standard system devices).

Under Model, scroll down to select Plug and Play Software Device Enumerator and click Next.

To start installing the drivers, click Next.

Wait for the software to install then click Finish.

Once finished, reboot your machine.

Test sound.

If sound still does not play or if you have any questions please let us know. Send email to AgCompSupport@psu.edu, call us at (814) 865-1229 or submit a Help Request on the web at http://agsci.psu.edu/it/help-request.
If the sound is now working again, please delete the machine.inf file you copied to the desktop.

Security Update Released for Adobe Flash Player

2010-06-11T05:18:00.007-04:00

On June 10, 2010 Adobe released a Security advisory called Security update available for Adobe Flash Player that announced the availability of an update to their Flash Player 10 software. (Note: this is a SIGNIFICANT update for Adobe Flash Player that corrects 32 security vulnerabilities.) The advisory states in part:

Summary
Critical vulnerabilities have been identified in Adobe Flash Player version 10.0.45.2 and earlier. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.

Affected software versions
Adobe Flash Player 10.0.45.2 and earlier versions

Severity rating
Adobe categorizes these as critical issues and recommends affected users patch their installations.

For steps, see our How To Install Updates to Adobe Flash Player, http://agsci.psu.edu/it/how-to/install-updates-to-adobe-flash-player.

Note: If you use multiple browsers, perform the check for each browser you have installed on your computer.

Unable to Access Adobe Connect Recordings

2010-05-14T12:17:00.000-04:00

Since the Adobe Connect server was upgraded on May 13th you may receive reports of previously recorded Adobe Connect session not being accessible.

Users attempting to view an Adobe Connect recording may get the following error:

Not Authorized. You do not have permission to access this item.

To resolve this issue, the host of the Adobe Connect meeting room will need to follow these steps to make the recordings accessible to the public.

Log into the Adobe Connect meeting room where the recording took place
From the Meeting menu in the upper left corner, select the Manage Meeting Information option and a new browser window will open
In the new browser window, click the Recordings link that is on the link bar directly above the gray Meeting Information bar
Check the box beside the recording(s) that should be accessible to the public
Check the top box (to the left of the Name header) to select all of the recordings
Click the Make Public button
Close the browser window

If you have any questions, please feel free to contact the IT Help Desk.

Adobe Connect meetings unavailable May 13, 2010

2010-05-12T14:08:00.001-04:00

This is a reminder that you will NOT be able to log into ANY Adobe Connect meeting spaces on May 13, 2010. ITS will be performing an upgrade to the Adobe Connect Professional service that will impact all Adobe Connect Pro services.

If you’d like to read more, here’s an article that appeared in eNews: http://agsci.psu.edu/it/news/2010/04/agsci-news-its-plans-upgrade-to-adobe-connect-server-on-may-13th

Services will resume on May 14, 2010. If you have questions, please enter an AgIT Help Desk Request: http://agsci.psu.edu/it/help-request or contact the Penn State Adobe Connect team: breeze@psu.edu

Dubious Facebook pages scam you, Send Spam to your Friends

2010-05-10T12:52:00.004-04:00

Chris Boyd, a security researcher at Sunbelt software, has reported how dubious Facebook pages can trick you into spamming people on your Facebook friends list.

The scheme relies on you manually copying and pasting information into your browser's address bar and then into completing a "survey." If you complete the survey and follow instructions on several misleading dialog boxes, you would be giving away the keys to the kingdom and grant access to your friends list to the scammers.

To read Chris Boyd's May 9, 2010 blog post and see sample screenshots of the ruse in action, go here:

http://sunbeltblog.blogspot.com/2010/05/javascript-code-this-on-facebook.html

Upgrade to Exchange 2010 - Impact on Outlook Web Access Log On

2010-04-28T05:52:00.012-04:00

On April 27, 2010, Ag IT completed our scheduled update to Exchange 2010. You will notice a slight change to the log on page for Outlook Web Access.

When you go to http://email.ag.psu.edu/, you will see a log on page for Outlook Web Access called Outlook Web App.

Please note that you will no longer need to use "ag\" in the User name field.

Once logged on, you will be redirected back to Outlook Web Access 2003. Full functionality of Outlook Web Access 2010 will be available when mailboxes are moved to Exchange 2010.

Note: Since you are redirected back to Outlook Web Access 2003 once you login, when you click Log Off, you will see the old OWA 2003 log on screen. This screen will not appear when your mailbox is moved to Exchange 2010. You will be receiving more information concerning the moving of your mailbox over the coming weeks.

You can find additional information on logging in to the new OWA in this How To:

http://agsci.psu.edu/it/how-to/access-outlook-web-access

Sun Releases Java(TM) 6 Update 20

2010-04-15T14:17:00.002-04:00

As of April 15, 2010, the current version of Sun's Java client is Java(TM) 6 Update 20.

Action Required:
If you see the Java Update icon or "Java Update Available" balloon in the lower right corner of the screen, the latest version of Java should be ready to install. You can click the icon and follow its prompts to apply the update.

Note: We recommend that you do not install any offered "extras" like Carbonite Backup, Microsoft's Bing Toolbar, MSN Toolbar, or OpenOffice.org Installer. Please un-check these options if they appear.

Or, our How To Update Sun's Java Software has complete steps on how to install Java from either the "Java Update Available" message or how to download and install Java manually .

Fixed:
This release DOES contain fixes for security vulnerabilities. The full list of changes may be found here: http://java.sun.com/javase/6/webnotes/6u20.html

FireFox 3.6.3 and Adobe Connect

2010-04-15T13:54:00.002-04:00

It has been reported that Adobe Connect Meeting hosts who use the latest FireFox version 3.6.3 are not able to open the Meeting Information Page (from the Meeting menu choose Manage Meeting Information). The "Known Issues" documentation for FireFox indicates that there may be compatibility issues still to be resolved with FireFox 3.6.3 and Flash, along with other addins and plugins.

Their recommendation at this time is reinstall FireFox's Flash plug-in: http://plugindoc.mozdev.org/OSX.html#Flash

If this fails to remedy the issue, Windows users should switch to the use of Internet Explorer until the issue is addressed in a future release of FireFox.

Security updates available for Adobe Reader and Acrobat

2010-04-13T15:38:00.005-04:00

Adobe shipped a critical security update to its Adobe products on April 13, 2010 that addresses a vulnerability that can cause the application to crash and allow an attacker to take control of the affected system.

Note: To determine the version of any of the above applications, open the Adobe program. Then from the Help menu choose About Adobe, (name of program). You should see the version listed in a new box. Then, you can click anywhere on this box to close it.

The current version of the Adobe Acrobat and Adobe Reader is version 9.3.2. If you have an earlier version of Adobe Acrobat Professional, version 8, Adobe has released an 8.2.2 update as well.

Action Required: Ag IT recommends that College of Ag Science faculty and staff update any Adobe products to the current version.

Note: Along with applying this update, we also recommend that you follow these steps to Secure Adobe Reader to Prevent Malware once you have your Adobe products updated!!

To update Adobe Reader 9 to the current version, follow our How To Install and Configure Adobe Reader v9 for Windows.
If your computer has Adobe Acrobat Professional v8 or v9 installed as well, you should be able to use the built-in Updater program to update the software.
a) From the Help menu choose Check for Updates.
b) If updates were found, follow the on-screen steps to update.

Note: If an update is downloaded, close Adobe before applying the update.
Then re-open Adobe. Repeat steps a - b until no more updates are available.

Note: If the automatic updater does not find the latest updates, and your version is not the most current one, go to the Acrobat for Windows downloads page. Scroll down to locate the update for your version. Download and install.

Note: Earlier versions of Adobe Acrobat Professional (version 7 or lower) will not be patched.

Sun Releases Java(TM) 6 Update 19

2010-03-31T06:35:00.003-04:00

As of March 30, 2010, the current version of Sun's Java client is Java(TM) 6 Update 18.

Action Required:
If you see the Java Update icon or "Java Update Available" balloon in the lower right corner of the screen, the latest version of Java should be ready to install. You can click the icon and follow its prompts to apply the update.

Note: We recommend that you do not install any offered "extras" like Microsoft's Bing Toolbar, MSN Toolbar, or OpenOffice.org Installer. Please un-check these options if they appear.

Or, our How To Update Sun's Java Software has complete steps on how to install Java from either the "Java Update Available" message or how to download and install Java manually .

Fixed:
This release DOES contain fixes for security vulnerabilities. It also added seven new root certificates, removed three root certificates and five root certificates replaced with stronger signature algorithms from VeriSign, Thawte and GeoTrust. The full list of changes may be found here: http://java.sun.com/javase/6/webnotes/6u19.html

QuickTime 7.6.6 Update Released

2010-03-31T06:19:00.003-04:00

On March 30, 2010, an updated version of QuickTime was released (7.6.6). This update fixes an issue where opening a maliciously crafted image or movie files may lead to an unexpected application termination or arbitrary code execution. In simple terms, malware could be installed on your computer. See more details here (Scroll down to the Security Updates section and click the link for QuickTime 7.6.6).

Action Required: Please see our How To Install QuickTime for Windows using the Standalone Installer for steps on updating QuickTime to the latest version.

QuickTime is installed on all Enterprise computers. Apple's QuickTime software allows your Enterprise computer to view graphics, videos, on-line video streams (ex: Candidate Interviews in the College), and more.

Massive Earthquake in Chile Leads to a Surge of Rogue Antivirus

2010-03-01T07:41:00.003-05:00

Search engine results returned for terms such as “Chile Earthquake” are being poisoned to lead users to rogue antivirus web sites.

Learn more at Symantec's Security Response Blog.

http://www.symantec.com/connect/blogs/massive-earthquake-chile-leads-surge-rogue-antivirus

Security Updates Available for Adobe Reader and Acrobat v9

2010-02-19T14:39:00.004-05:00

Adobe shipped a critical security update to its Adobe version 9 products on Feb 18, 2010 that patches a critical vulnerability that could cause the application to crash and could potentially allow an attacker to take control of the affected system

Note: To determine the version of any of the above applications, open the Adobe program. Then from the Help menu choose About Adobe, (name of program). You should see the version listed in a new box. Then, you can click anywhere on this box to close it.

The current version of Adobe Acrobat and Adobe Reader is version 9.3.1.

Note: If you have Adobe Reader version 8.x on your computer, you should remove this version and update to Adobe Reader 9.3.1. See our How To Install and Configure Adobe Reader v9 for Windows.

Action Required: Ag IT recommends that College of Ag Science faculty and staff update any Adobe version 9 products to the current version.

To apply these updates:

Close all other programs and then open your version of Adobe Reader or Acrobat Professional.
From the Help menu choose Check for Updates.
If updates were found, they should begin to download. If not, click the Download and Install Updates button.
The updater will prompt you to close the program before the update can be installed. Click Continue.

Note: The Installation Progress window may be minimized to the lower right of the screen (in the notification tray). To see the Installation Progress window, right click on its white icon and choose Show Progress.
When the process completes, click Quit.
The Adobe Reader or or Acrobat Professional program will re-open.
From the Help menu choose Check for Updates. If no updates are available, click Quit.
Close Adobe Reader or or Acrobat Professional.

Note: Earlier versions of Adobe Acrobat Professional (version 6 or lower) will not be patched.

The Adobe Security bulletin, Security Updates available for Adobe Reader and Acrobat, has additional information and links.

Security Update Released for Adobe Flash Player

2010-02-15T11:20:00.004-05:00

On Feb 11, 2010 Adobe released a Security advisory called Security updates available for Adobe Flash Player that announced the availability of an update to their Flash Player 10 software. The advisory states in part:

Summary
A critical vulnerability has been identified in Adobe Flash Player version 10.0.42.34 and earlier. This vulnerability could subvert the domain sandbox and make unauthorized cross-domain requests.

Affected software versions
Adobe Flash Player 10.0.42.34 and earlier versions

Severity rating
Adobe categorizes these as critical issues and recommends affected users patch their installations.

For steps, see our How To Install Updates to Adobe Flash Player, http://it.cas.psu.edu/1590.htm.

Note: If you use multiple browsers, perform the check for each browser you have installed on your computer.

Exchange 2010 - Active Directory Server Updates

2010-02-11T14:06:00.004-05:00

UPDATE: Thursday, Feb 18, 2010, 11:50 PM

The first of our Active Directory servers (AGDC1) was updated successfully. This server will be monitored for issues as it enters use on Friday, Feb 19th. The remaining two Active Directory servers (AGDC2 and AGDC3) will be updated according to the original schedule below.

The College of Ag Sciences Exchange 2003 Server (managed by Ag IT) provides E-mail/Calendaring services to all Extension offices as well as a number of University Park departments. This server is nearing its end of life. As a result, Ag IT has started a project to upgrade to Exchange 2010, the latest version of this E-mail/Calendaring service. Before we can upgrade the Exchange server, we need to upgrade supporting services.

First, we need to upgrade our Active Directory environment. In brief, an "Active Directory" is nothing more than the behind the scenes database that stores information about the network and Windows based computers and objects such as users. In other words, we need to take the current Microsoft Windows Server 2003 Active Directory database and upgrade to Microsoft Windows Server 2008. Something like updating a Word file from Office 2003 to Office 2007.

Schedule for Active Directory Upgrade:

Thursday, February 18th 9:00p.m – 1:00 a.m.
Friday, February 19th 9:00p.m – 1:00 a.m.
Saturday, February 20th 9:00a.m – 4:00p.m

What to expect during the upgrade:

We did not see any major service interruptions during the upgrade of our Active Directory in our test environment. You may see short periods of time during the upgrade that you will be unable to log onto the network. This would include connecting remotely to shared drives and E-mail. Logon times did increase during the upgrade activity.

We will provide updated information at this Tech Alerts page. Please check here first if you are experiencing an issue.

If you have any questions or experience issues after the upgrade please contact support at http://it.cas.psu.edu/contactform.htm or call (814) 865-1229.

Sun Releases Java(TM) 6 Update 18

2010-01-27T06:50:00.006-05:00

As of Jan 27, 2010, the current version of Sun's Java client is Java(TM) 6 Update 18.

Action Required:
If you see the Java Update icon or "Java Update Available" balloon in the lower right corner of the screen, the latest version of Java should be ready to install. You can click the icon and follow its prompts to apply the update.

Note: We recommend that you do not install any offered "extras" like Microsoft's Bing Toolbar, MSN Toolbar, or OpenOffice.org Installer. Please un-check these options if they appear.

Or, our How To Update Sun's Java Software has complete steps on how to install Java from either the "Java Update Available" message or how to download and install Java manually .

Fixed:
Improved performance and better startup of Java applications and applets are featured in this update. This release does not contain any new fixes for security vulnerabilities. The full list of changes may be found here: http://java.sun.com/javase/6/webnotes/6u18.html

Security updates available for Adobe Reader and Acrobat

2010-01-13T07:51:00.002-05:00

Adobe shipped a critical security update to its Adobe products on Jan 12, 2010 that addresses a vulnerability that can cause the application to crash and allow an attacker to take control of the affected system.

Note: To determine the version of any of the above applications, open the Adobe program. Then from the Help menu choose About Adobe, (name of program). You should see the version listed in a new box. Then, you can click anywhere on this box to close it.

The current version of the Adobe Acrobat and Adobe Reader is version 9.3. If you have an earlier version of Adobe Acrobat Professional, version 8, Adobe has released an 8.2 update as well.

Action Required: Ag IT recommends that College of Ag Science faculty and staff update any Adobe products to their current version.

To update Adobe Reader 9 to the current version, follow our How To Install and Configure Adobe Reader v9 for Windows.
If your computer has Adobe Acrobat Professional v8 or v9 installed as well, you should be able to use the built-in Updater program to update the software.
a) From the Help menu choose Check for Updates.
b) When the update is ready, click Install Now.
c) Follow the rest of the prompts to install the update.

Note: If the automatic updater does not find the latest updates, and your version is not the most current one, go to the Acrobat for Windows downloads page. Scroll down to locate the update for your version. Download and install.

Note: Earlier versions of Adobe Acrobat Professional (version 7 or lower) will not be patched.

Adobe Connect Meeting layout issue - They may be missing

2009-12-11T10:15:00.000-05:00

From PSU's ITS: (posted Nov 30)
Due to a recent bug with Adobe Connect, a small number of users have reported that their meeting layouts are missing. We are currently working with Adobe to identify the affected meetings.

More information and any updates on this alert is provided at http://alerts.its.psu.edu/alert-1321

Action Required: If you plan to use an Adobe Connect/Breeze meeting space in the upcoming days/weeks, confirm that your layouts do indeed exist. Do this the day BEFORE your actual meeting time since it will take you time to recreate the layout and possible re-upload your missing content.

Security Updates Available for Adobe Flash Player

2009-12-09T07:00:00.004-05:00

On December 8, 2009 Adobe released a Security advisory called Security updates available for Adobe Flash Player that announced the availability of an update to their Flash Player 10 software. The advisory states in part:

Summary
Critical vulnerabilities have been identified in Adobe Flash Player version 10.0.32.18 and earlier. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.

Affected software versions
Adobe Flash Player 10.0.32.18 and earlier versions

Severity rating
Adobe categorizes these as critical issues and recommends affected users patch their installations.

For steps, see our How To Install Updates to Adobe Flash Player, http://it.cas.psu.edu/1590.htm.

Note: If you use multiple browsers, perform the check for each browser you have installed on your computer.

QuickTime 7.6.5 Update Released

2009-12-03T12:52:00.000-05:00

On November 19, 2009, an updated version of QuickTime was released (7.6.5).

This update is a Windows-only release that increases reliability and improves compatibility.

Unlike previous QuickTime updates that appear on the Apple security updates page, there is no entry on this web page for QuickTime 7.6.5.

Optional Update: Please see our How To Install QuickTime for Windows using the Standalone Installer for steps on updating QuickTime to the latest version.

QuickTime is installed on all Enterprise computers. Apple's QuickTime software allows your Enterprise computer to view graphics, videos, on-line video streams (ex: Candidate Interviews in the College), and more.

Update on Network issues - Resolved

2009-11-11T19:09:00.000-05:00

As of 5:30 pm, all services have been restored. Some are slow to update but they should be up and totally functioning in the next few hours.

If you are still having issues, you may put in a Help Request.

Network Outages Continue

2009-11-11T12:03:00.002-05:00

Network outages continue for Exchange mail and most file servers in the College. We are working on fixing the issue.

Sun Releases Java(TM) 6 Update 17

2009-11-03T16:46:00.001-05:00

As of Nov 3, 2009, the current version of Sun's Java client is Java(TM) 6 Update 17.

Action Required:
If you see the Java Update icon or "Java Update Available" balloon in the lower right corner of the screen, the latest version of Java should be ready to install. You can click the icon and follow its prompts to apply the update. Note: We recommend that you do not install any offered "extras" like the MSN Toolbar, OpenOffice.org Installer or Microsoft's Bing. Please un-check these options if they appear.

Or, our How To Update Sun's Java Software, http://it.cas.psu.edu/260.htm, has complete steps on how to install Java from either the "Java Update Available" message or how to download and install Java manually .

Fixed:
This release contains fixes for one or more security vulnerabilities. The full list of changes may be found here: http://java.sun.com/javase/6/webnotes/6u17.html

Note:
Previously, older versions of Sun Java were not removed from your computer when you updated. You had to manually remove older versions of Sun Java from your computer. This has now changed. You no longer need to remember to remove the previous Java version.

2009 National eXtension Conference Recordings

2009-10-28T08:44:00.009-04:00

eXtension held its first National eXtension Conference in St. Louis, MO October 20-23, 2009. Many sessions were web cast and recorded for future viewing. The following is a list of the conference's general and breakout sessions. You will be able to view and hear a recorded session by clicking on the link below each item.

General Sessions:

Wednesday, October 21, 2009

Get There Early: Sensing the Future to Compete in the Present
Bob Johansen, Institute for the Future
http://connect.extension.iastate.edu/p53095789/

Ask an Expert Task Force Results
Kevin Gamble, eXtension Associate Director of Technology
http://connect.extension.iastate.edu/p12261706/

Institutionalization of eXtension Panel
Representatives from each Extension Region
http://connect.extension.iastate.edu/p20232503/

USDA Perspective
Roger N. Beachy, Director of the National Institute of Food and Agriculture (NIFA), United State Department of Agriculture
http://connect.extension.iastate.edu/p39714451/

Thursday, October 22, 2009

Embracing the Chaos (& other scary tales from the social web)
Tara Hunt, Author, The Whuffie Factor, Co-founder and Chief Marketing Officer, Citizen Agency
http://connect.extension.iastate.edu/p26037816/

Friday, October 23, 2009

Cultivating Partnerships and Resource Development Panel

Michael Ouart, Vice Provost for Extension, University of Missouri Extension, Chair, eXtension Finance Committee
James Wade, Executive Director, ECOP, and Director of Extension and Outreach, Association of Public and Land- grant Universities
Deborah Sheely, Deputy Administrator, Competitive Programs, National Institute of Food and Agriculture
Cathann Kress, Office of the Deputy Under Secretary of Defense Military Community and Family Policy
Randel Raub, Director of Research and New Product Development, Purina Mills
Michael McGirr, National Program Leader, Sustainable Development, Global Engagement, National Institute of Food and Agriculture

http://connect.extension.iastate.edu/p29888201/

National eXtension Awards

Community of Practice Partnership Award
Community of Practice Individual Achievement Awards
Outstanding Community of Practice
eXtension Champion Award

http://connect.extension.iastate.edu/p46899902/

Note: You can read the official announcement of the winners here:
http://www.extension.org/pages/eXtension_Honors_Outstanding_Educators_and_Teams

Closing Comments
Keith L. Smith, Director, Ohio State University ExtensionIncoming Chair of the eXtension Governing Committee
http://connect.extension.iastate.edu/p72493462/

Breakout Sessions:

Wednesday, October 21

How to Host Your Own Webinar and Why
Floyd Davenpor
thttp://connect.extension.iastate.edu/p25052985/

Technologies for Creating Educational Content for Online Programs
Floyd Davenport
http://connect.extension.iastate.edu/p99441424/

Yes, a multi-state collaboration can produce success, plus more!
Jody Johnson
http://connect.extension.iastate.edu/p76983911/

How the Virtual News Room Works for You
Lynette Spicer
http://connect.extension.iastate.edu/p48401053/

Thursday, October 22

Sensemaking for Qualitative Research: The research methodologies used by the Ask an Expert Task force
Kevin Gamble
http://connect.extension.iastate.edu/p14656678/

Using eXtension Tools, Technologies, and Concepts to Improve Extension Work
Jerold R. Thomas
http://connect.extension.iastate.edu/p22517464/

Guidelines for Information Technology-based Promotion & Tenure Expectations and Metrics: A Proposal
Robert Hughes, Jr.
http://connect.extension.iastate.edu/p88595072/

Implementing the eXtension Widget on County web sites in Ohio: A case study
Jerry Thomas
http://connect.extension.iastate.edu/p42389451/

Evaluate Your Content with Google Analytics (by Category)
Ben MacNeill
http://connect.extension.iastate.edu/p33068519/

Be, Grow, Create Phase 2 @ Oregon State
Mark Anderson-Wilk, Alex Stone, and John McQueen
http://connect.extension.iastate.edu/p53661579/

Introducing ideas for establishing a social media strategy
Anne Adrian
http://connect.extension.iastate.edu/p97065919/

Assessing County Extension Program’s Readiness to Adopt Technology: They Don’t Know What They Don’t Know
Dana Martin and Jeff Hino
http://connect.extension.iastate.edu/p35128725/

Effective Review Standards: The Role of Authors, Editors, Reviewers, Users, and Communicators in Quality Control and Usability
Mark Anderson-Wilk
http://connect.extension.iastate.edu/p61842397/

A Creative Approach to Generating eXtension Publications in the Family Caregiving CoP
Amy F. Hosier
http://connect.extension.iastate.edu/p44999712/

Updates for Adobe Reader 9 and Adobe Acrobat Professional 7, 8, & 9 Are Available

2009-10-13T16:16:00.006-04:00

Adobe shipped a critical security update to its Adobe products on Oct 13, 2009 that addresses a vulnerability that can cause the application to crash and allow an attacker to take control of the affected system.

Note: To determine the version of any of the above applications, open the Adobe program. Then from the Help menu choose About Adobe, (name of program). You should see the version listed in a new box. Then, you can click anywhere on this box to close it.

The current version of the Adobe Acrobat and Adobe Reader is version 9.2. If you have earlier versions of Adobe Acrobat Professional, version 7 or 8, Adobe has released 7.1.4 and 8.1.7 updates as well.

Action Required: Ag IT recommends that College of Ag Science faculty and staff update any Adobe products to their current version.

To update Adobe Reader 9 to the current version, follow our How To Install and Configure Adobe Reader v9 for Windows.
If your computer has Adobe Acrobat Professional v7, v8, or v9 installed as well, you should be able to use the built-in Updater program to update the software.
a) From the Help menu choose Check for Updates.
b) When the update is ready, click Install Now.
c) Follow the rest of the prompts to install the update.

Note: If the automatic updater does not find the latest updates, and your version is not the most current one, go to the Acrobat for Windows downloads page. Scroll down to locate the update for your version. Download and install.

Note: Earlier versions of Adobe Acrobat Professional (version 6 or lower) will not be patched.

If you have Adobe Reader version 8.x on your computer, you should remove this version and update to Adobe Reader 9.2. See our How To Install and Configure Adobe Reader v9 for Windows.

The Adobe Security bulletin, Security Updates available for Adobe Reader and Acrobat, has additional information and links.

Malware Ads from Good Web Sites (How To Respond to an ‘Antivirus’ Pop-Up Ad)

2009-09-21T08:47:00.005-04:00

The New York Times has published an article Times Web Ads Show Security Breach on September 14, 2009. This article responds to the malware ads that were seen through their web site over the weekend of September 12 - 13, 2009. The article includes the following:

"OVER the weekend, some visitors to the Web site of The New York Times received a nasty surprise. An unknown person or group sneaked a rogue advertisement onto the site’s pages. The malicious ad took over the browsers of many people visiting the site, as their screens filled with an image that seemed to show a scan for computer viruses. The visitors were then told that they needed to buy antivirus software to fix a problem, but the software was more snake oil than a useful program.

The creator of the malicious ads posed as Vonage, the Internet telephone company, and persuaded NYTimes.com to run ads that initially appeared as real ads for Vonage. At some point, possibly late Friday, the campaign switched to displaying the virus warnings.

Because The Times thought the campaign came straight from Vonage, which has advertised on the site before, it allowed the advertiser to use an outside vendor that it had not vetted to actually deliver the ads."

Here is the image of the fake antivirus scan from the web site of The New York Times.

As this article from The Times illustrates, even well-known "safe" web sites can harbor malicious links and software.

We have seen an increase in these fake antivirus software scans in the College.

What should you do if you are suddenly bombarded with these fake ads? You can print our How To Respond to an ‘Antivirus’ Pop-Up Ad. Review these steps and be ready to follow them if you are faced with these pop-ups.

http://it.cas.psu.edu/1926.htm

QuickTime 7.6.4 Update Released

2009-09-11T10:31:00.001-04:00

On September 9, 2009, an updated version of QuickTime was released (7.6.4). This update fixes an issue where opening a maliciously crafted movie file or FlashPix file may lead to an unexpected application termination or arbitrary code execution. In simple terms, malware could be installed on your computer. See more details here (Scroll down to the Security Updates section and click the link for QuickTime 7.6.4).

QuickTime is installed on all Enterprise computers. Apple's QuickTime software allows your Enterprise computer to view graphics, videos, on-line video streams (ex: Candidate Interviews in the College), and more.

Action Required: Please see our How To Install QuickTime for Windows using the Standalone Installer for steps on updating QuickTime to the latest version.

Updates to Adobe Presenter v7 available

2009-08-21T14:54:00.003-04:00

Adobe has just released an update (7.0.5) for Adobe Presenter 7 which will help with PowerPoint conversion, audio editing, accessibility and some other fixes.

For more information about the update and fixes, go here.

Action Required for Adobe Presenter v7 users:
You can download the latest update here or you can update via the Help button on the Adobe Presenter tab in PowerPoint 2007.

Sun Java Updates Offer Unneeded 3rd Party Software

2009-08-13T06:10:00.011-04:00

Java Platform, Standard Edition or Java SE, is used by your computer to run certain web based applications. These may include web based training applications.

If you see the Java Update icon or "Java Update Available" balloon in the lower right corner of the screen, the latest version of Java is ready to install. You can click the icon and follow its prompts to apply the update.

Note: We have always recommended that you do not install any offered "extras" like the MSN Toolbar, OpenOffice.org Installer or Microsoft's Bing.

Recently, the Java installer may also "offer" a 30-day trial of Carbonite Inc.'s commercial backup software.

Please un-check these options if they appear. You do NOT need them as part of the Java install.

Updates for Adobe Reader 9 and Adobe Acrobat Professional 9 Are Available

2009-08-05T06:10:00.003-04:00

Adobe shipped a out-of-cycle security update to Adobe Reader 9 and Acrobat 9 products on July 30, 2009. This update patches a critical security vulnerability while providing more stability.

Note: To determine the version of any of the above applications, open the Adobe program. Then from the Help menu choose About Adobe, (name of program). You should see the version listed in a new box. Then, you can click anywhere on this box to close it.

The current version of Adobe Acrobat and Adobe Reader is version 9.1.3.

Note: If you have Adobe Reader version 8.x on your computer, you should remove this version and update to Adobe Reader 9.1.3. See our How To Install and Configure Adobe Reader v9 for Windows.

Action Required: Ag IT recommends that College of Ag Science faculty and staff update any Adobe products to their current version.

To apply these updates:

Close all other programs and then open your version of Adobe Reader or Acrobat Professional.
From the Help menu choose Check for Updates.
If updates were found, they should begin to download. If not, click the Download and Install Updates button. If asked, click Install Now.
The updater will prompt you to close the program before the update can be installed. Click Continue.

Note: The Installation Progress window may be minimized to the lower right of the screen (in the notification tray). To see the Installation Progress window, right click on its white icon and choose Show Progress.
When the process completes, click Quit.
The Adobe Reader or or Acrobat Professional program will re-open.
From the Help menu choose Check for Updates. If no updates are available, click Quit.
Close Adobe Reader or or Acrobat Professional.

Note: Earlier versions of Adobe Acrobat Professional (version 8 or lower) will not be patched.

The Adobe Reader and Acrobat 9.1.3 Release Notes has additional information and links.

Sun Releases Java(TM) 6 Update 15

2009-08-05T05:18:00.004-04:00

As of Aug 4, 2009, the current version of Sun's Java client is Java(TM) 6 Update 15.

Action Required:
If you see the Java Update icon or "Java Update Available" balloon in the lower right corner of the screen, the latest version of Java should be ready to install. You can click the icon and follow its prompts to apply the update. Note: We recommend that you do not install any offered "extras" like the MSN Toolbar, OpenOffice.org Installer or Microsoft's Bing. Please un-check these options if they appear.

Or, our How To Update Sun's Java Software, http://it.cas.psu.edu/260.htm, has complete steps on how to install Java from either the "Java Update Available" message or how to download and install Java manually .

Fixed:
This release contains fixes for one or more security vulnerabilities. The full list of changes may be found here: http://java.sun.com/javase/6/webnotes/6u15.html

Note:
Previously, older versions of Sun Java were not removed from your computer when you updated. You had to manually remove older versions of Sun Java from your computer. This has now changed. You no longer need to remember to remove the previous Java version.

Security Updates Available for Adobe Flash Player

2009-07-31T07:53:00.006-04:00

On July 30, 2009 Adobe released a Security advisory called Security updates available for Adobe Flash Player that announced the availability of an update to their Flash Player 10 software. The advisory states in part:

Summary
Critical vulnerabilities have been identified in the current versions of Adobe Flash Player (v9.0.159.0 and v10.0.22.87) for Windows, Macintosh and Linux operating systems. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.

Affected software versions
Adobe Flash Player 9.0.159.0 and 10.0.22.87 and earlier 9.x and 10.x versions

Severity rating
Adobe categorizes these as critical issues and recommends affected users patch their installations.

For steps, see our How To Install Updates to Adobe Flash Player, http://it.cas.psu.edu/1590.htm.

Note: If you use multiple browsers, perform the check for each browser you have installed on your computer.

ITS updates Adobe Connect server - Action Required

2009-07-23T07:30:00.001-04:00

Attention: Adobe Connect users – Action Required

This morning (Thursday, July 23, 2009) Penn State’s ITS installed the Adobe Connect Pro 7 Service Pack 3.

Along with this SP3 install, there is an updated add-in (version 9.1.314.0) which addresses VOIP and Audio enhancements listed below.
We encourage users to download this latest add-in by doing these steps:

• Go to the Adobe Connect Community Check List at http://meeting.psu.edu/checklist
• Run the "test your computer and Internet connection" option by clicking on the link listed in Step 3
• Click Yes if you receive a Security Warning

Issues resolved with Service Pack 3

Meeting Rooms:
[0127905] Meeting: The first item in the Q&A Pod list is selected by default now which does not make it appear as though longer questions cannot be displayed in full anymore. All selected question text shows in the details panel. In the case in which a very long question is asked and therefore truncated in the preview pane, all text will be visible in the details pane. This capability is now more discoverable by the user.

[2302406] Meeting: The same presentation (PPT or PPTX) can now be loaded into two share
pods in the same meeting at the same time without causing any intermittent upload errors.

[1920524] Meeting, Mac only: Sharing Full Screen on certain Mac versions, in certain Safari and Firefox browsers caused user to be ejected from the meeting room, and browser to crash. This issue has been resolved.

[1920869] Meeting, Recording: Recording playback sometimes shows black or gray screen when paused or seeking. This issue now has been resolved.

[1922961/1880973] Meeting, Recording: Recordings now play the events that occurred within the meeting, as they occurred, including changes in layouts.

[1913089] Meeting, Recording: Recordings now do not show a black screen or cut out
Intermittently.

[1910223] Meeting, Recording: Forced Recordings do start now when enabled and applied to systems with specific license keys. They are now working properly with valid license keys.

[1913261] Meeting, Whiteboard/Recording: Playback scale adjustments have been applied
to recording so that all whiteboard content is displayed now even when using certain screen resolutions.

[1930490] Meeting, Poll Pod: A scroll bar is displayed in the meeting poll pod so that all options are now visible to the user even when many options are provided in Poll questions.

Adobe Presenter updates available

2009-07-22T16:31:00.003-04:00

There are currently 2 important updates to Adobe Presenter Version 7.0. They include audio enhancements and fixes, better performance with PowerPoint .pptx files and quizzing features.

Action Required for Adobe Presenter v7 users:
To properly install the updates they must be installed in the correct order. First install the Adobe Presenter 7.0.1 update, then the Adobe Presenter 7.0.2 update. Licensed Adobe Presenter users can install the updates from the following URL.
http://tinyurl.com/PresenterUpdate

If you are in a county office with a server, check out this path to install from your server.
Computer Resources > IT Camp Software > Adobe Presenter folder
- Double-click adobe_presenter_patch_v701.exe to install the first update
- Double-click adobe_presenter_patch_v702.exe to install the next update

Use the following links to review a full description of each update.
Important issues resolved in Adobe Presenter 7.0.1 update
http://kb2.adobe.com/cps/404/kb404919.html

Important issues resolved in Adobe Presenter 7.0.2 update
http://kb2.adobe.com/cps/407/kb407169.html

Phishing Attempts Aimed at Penn State Faculty and Staff

2009-07-10T09:58:00.010-04:00

Faculty and staff are reminded that the college and university will *NEVER* request account/password information via E-mail.

You should never reply to a message asking for account information, nor should you ever click a link from a message that asks for account information. Penn State and the College of Ag Sciences will never ask for your account/password in this method.

If you receive messages of this type, simply delete the message.
Normally, Ag IT will not send alerts warning employees of individual phishing scams. These scams are too numerous to regularly keep on top of, so please remember legitimate entities do not request information in this manner.

However, in the past week we have seen new examples of phishing aimed at our employees. We are taking this opportunity to refresh in everyone's mind that these messages should be deleted if they make it past the college and university's spam filters.

Sample 1 below is a general attempt to have you click on the link. In this case, the link doesn't appear to show you a form. Instead the page attempts to download and install malware on your computer. If you receive messages of this type, simply delete the message.

Sample 1

Subject: Your Webmail Quota Has Exceeded The Set Quota/Limit

Your Webmail Quota Has Exceeded The Set Quota/Limit Which Is 20GB.
You Are Currently Running On 23GB Due To Hidden Files And Folder On Your Mailbox.

Please Click the Link Below To Validate Your Mailbox And Increase Your Quota.

w w w.jotform.com/form/9999999999 [number changed and link removed]
Failure To Click This Link And Validate Your Quota May Result In Loss Of Important Information In Your Mailbox/Or Cause Limited Access To It.

Sample 2 below is an example of a "spear-phishing" message. These messages are attacks aimed directly at a company, government agency, organization, or group. Spear phishers send E-mail that appear genuine to all the employees or members of these groups

You can read the sample E-mail below. It is a well crafted note! We've removed the actual link below. But if you were to receive an E-mail like this, you can hover (hold the mouse over the link without clicking) to see the destination address.

In the actual E-mail the address started with "http://psu.edu" but then added "ec-uk.org" as the actual destination. This will usually confirm what you knew anyway. So, simply delete the message.

Sample 2

From: PSU Help Desk [mailto:it_dept@psu.edu]
Subject: Mandatory Security Update: July 2009

The Pennsylvania State UniversityInformation Technology ServicesThe ITS Help Desk

URGENT SECURITY UPDATE - JULY 2009

Due to the recent increase in spam emails, we have upgraded to an advanced server for your premium security to prevent spam from getting to your inbox. As a result of this, it is important that you login to your email using the link below, to make sure that your account information is up-to-date.

Click Here to Protect Your Account [link removed]

This email has been sent to all PSU Webmail users and it is mandatory to follow.

Thank you for your cooperation.

IT DepartmentCopyright © 2009 The Pennsylvania State University

Sample 2 Image

If you had clicked the link, you would be taken to a page that mimicked the real Penn State WebAccess login window. But again, the actual address is fake.

The ITS Alerts site has a listing of E-mail (spam, phishing) alerts which gives you an idea of how prevalent these activities are.

Sun Releases Java(TM) 6 Update 14

2009-06-11T13:14:00.003-04:00

As of May 29, 2009, the current version of Sun's Java client is Java(TM) 6 Update 14.

Action Required:
If you see the Java Update icon or "Java Update Available" balloon in the lower right corner of the screen, the latest version of Java should be ready to install. You can click the icon and follow its prompts to apply the update. Note: We recommend that you do not install any offered "extras" like the MSN Toolbar, OpenOffice.org Installer or Microsoft's Live Search. Please un-check these options if they appear.

Or, our How To Update Sun's Java Software, http://it.cas.psu.edu/260.htm, has complete steps on how to install Java from either the "Java Update Available" message or how to download and install Java manually .

Fixed:
This release contains feature enhancements that includes support for Internet Explorer 8. The full list of changes may be found here: http://java.sun.com/javase/6/webnotes/6u14.html

Note:
Previously, older versions of Sun Java were not removed from your computer when you updated. You had to manually remove older versions of Sun Java from your computer. This has now changed. You no longer need to remember to remove the previous Java version.

Updates for Adobe Reader 9 and Adobe Acrobat Professional 7, 8, & 9 Are Available

2009-06-11T11:51:00.002-04:00

Adobe shipped a critical security update to its Adobe products on June 9, 2009 that patches 13 critical bugs in Reader 9.1.1 and Acrobat 9.1.1 or earlier versions. This update resolves a stack overflow and integer overflow bugs that lead to code execution potential and Denial of Service attack/code execution. Additional memory corruption and heap overflow vulnerabilities were also fixed.

Note: To determine the version of any of the above applications, open the Adobe program. Then from the Help menu choose About Adobe, (name of program). You should see the version listed in a new box. Then, you can click anywhere on this box to close it.

The current version of Adobe Acrobat and Adobe Reader is version 9.1.2. If you have earlier versions of Adobe Acrobat Professional, version 7 or 8, Adobe has released 7.1.3 and 8.1.6 updates as well.

Note: If you have Adobe Reader version 8.x on your computer, you should remove this version and updater to Adobe Reader 9.1.1. See our How To Install and Configure Adobe Reader v9 for Windows.

Action Required: Ag IT recommends that College of Ag Science faculty and staff update any Adobe products to their current version.

To apply these updates:

Close all other programs and then open your version of Adobe Reader or Acrobat Professional.
From the Help menu choose Check for Updates.
If updates were found, they should begin to download. If not, click the Download and Install Updates button.
When the update is ready, click Install Now.
The updater will prompt you to close the program before the update can be installed. Click Continue.

Note: The Installation Progress window may be minimized to the lower right of the screen (in the notification tray). To see the Installation Progress window, right click on its white icon and choose Show Progress.
When the process completes, click Quit.
The Adobe Reader or or Acrobat Professional program will re-open.
From the Help menu choose Check for Updates. If no updates are available, click Quit.
Close Adobe Reader or or Acrobat Professional.

QuickTime 7.6.2 Update Released

2009-06-03T05:14:00.003-04:00

On June 1, 2009, an updated version of QuickTime was released (7.6.2). This update fixes an issue where opening a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. In simple terms, malware could be installed on your computer. See more details here (Scroll down to the Security Updates section and click the link for QuickTime 7.6.2).

QuickTime is installed on all Enterprise computers. Apple's QuickTime software allows your Enterprise computer to view graphics, videos, on-line video streams (ex: Candidate Interviews in the College), and more.

Action Required: Please see our How To Install QuickTime for Windows using the Standalone Installer for steps on updating QuickTime to the latest version.

Updates for Adobe Reader 9 and Adobe Acrobat Professional 7, 8, & 9 Are Available

2009-05-13T06:07:00.013-04:00

Adobe shipped a critical security update to its Adobe products on May 12, 2009 that addresses a vulnerability that can cause the application to crash and allow an attacker to take control of the affected system.

Note: To determine the version of any of the above applications, open the Adobe program. Then from the Help menu choose About Adobe, (name of program). You should see the version listed in a new box. Then, you can click anywhere on this box to close it.

The current version of the Adobe Acrobat and Adobe Reader is version 9.1.1. If you have earlier versions of Adobe Acrobat Professional, version 7 or 8, Adobe has released 7.1.2 and 8.1.5 updates as well.

Note: If you have Adobe Reader version 8.x on your computer, you should remove this version and updater to Adobe Reader 9.1.1. See our How To Install and Configure Adobe Reader v9 for Windows.

Action Required: Ag IT recommends that College of Ag Science faculty and staff update any Adobe products to their current version.

To apply these updates:

Close all other programs and then open your version of Adobe Reader or Acrobat Professional.
From the Help menu choose Check for Updates.
If updates were found, they should begin to download. If not, click the Download and Install Updates button.
When the update is ready, click Install Now.
The updater will prompt you to close the program before the update can be installed. Click Continue.

Note: The Installation Progress window may be minimized to the lower right of the screen (in the notification tray). To see the Installation Progress window, right click on its white icon and choose Show Progress.
When the process completes, click Quit.
The Adobe Reader or or Acrobat Professional program will re-open.
From the Help menu choose Check for Updates. If no updates are available, click Quit.
Close Adobe Reader or or Acrobat Professional.

Sun Releases Java(TM) 6 Update 13

2009-03-27T11:31:00.002-04:00

As of March 26, 2009, the current version of Sun's Java client is Java(TM) 6 Update 13.

Action Required:
If you see the Java Update icon or "Java Update Available" balloon in the lower right corner of the screen, the latest version of Java should be ready to install. You can click the icon and follow its prompts to apply the update. Note: We recommend that you do not install any offered "extras" like the MSN Toolbar, OpenOffice.org Installer or Microsoft's Live Search. Please un-check these options if they appear.

Or, our How To Update Sun's Java Software, http://it.cas.psu.edu/260.htm, has complete steps on how to install Java from either the "Java Update Available" message or how to download and install Java manually .

Fixed:
This release contains feature enhancements and bug fixes. This full list of changes may be found here: http://java.sun.com/javase/6/webnotes/6u13.html

Note:
Previously, older versions of Sun Java were not removed from your computer when you updated. You had to manually remove older versions of Sun Java from your computer. This has now changed. You no longer need to remember to remove the previous Java version.

Adobe Acrobat Professional Updates for version 7 and 8 Released

2009-03-19T16:24:00.013-04:00

On March 11, 2009 Ag IT posted a Tech Alert about the "version 9.1.0 Update for Adobe Reader 9 and Adobe Acrobat 9 Professional is Available". In this Tech Alert it was recommended that College of Ag Science faculty and staff see our How To Install and Configure Adobe Reader v9 for Windows for steps on updating Adobe Reader to the current version.

However, there are a number of staff who use version 7 and 8 Adobe Acrobat Professional.

On March 18, 2009 Adobe has released updates for these versions as well.

The current version of Adobe Acrobat Professional 7 is now 7.1.1.The current version of Adobe Acrobat Professional 8 is now 8.1.4.

Action Required: Ag IT recommends that College of Ag Science faculty and staff who use either version 7 and 8 Adobe Acrobat Professional update their Adobe Acrobat Professional to these versions.

To apply these updates:

Close all other programs and then open your version of Adobe Professional.
From the Help menu choose Check for Updates.
If updates were found, they should begin to download. If not, click the Download and Install Updates button.
At this point, you can click the Adobe Professional window to make it active, then Exit Acrobat Professional. If you don't exit Adobe Professional, the updater will prompt you to close the program before the update can be installed.
When the update is ready, click Install Now.

Note: The Installation Progress window may be minimized to the lower right of the screen (in the notification tray). To see the Installation Progress window, right click on its white icon and choose Show Progress.
When the process completes, you may be asked to restart.

Note: If you can't use the Adobe Updater to apply the updates, here are links to the individual updates. Click the needed link for your version. Then click Proceed to Download. Click Download Now. Click Open (rather than Save). Click Run. Click Update. When done, click Finish.

Note: In order to install these updates, you may need to install other updates first. For example, the 8.1.4 update can only be applied to Adobe Acrobat version 8.1.3. To find other updates, go to Acrobat for Windows - Downloads for their complete list of available updates.

Note: Earlier versions of Adobe Acrobat Professional (version 6 or lower) will not be patched.

version 9.1.0 Update for Adobe Reader 9 and Adobe Acrobat 9 Professional is Available

2009-03-11T09:21:00.007-04:00

Adobe shipped a critical security update to its Adobe version 9 products on March 10, 2009 that addresses a vulnerability that can cause the application to crash and allow an attacker to take control of the affected system. There are reports that this issue is being exploited.

The current version of the Adobe Acrobat and Adobe Reader is version 9.1.0.

Action Required: Ag IT recommends that College of Ag Science faculty and staff see our How To Install and Configure Adobe Reader v9 for Windows for steps on updating Adobe Reader to the current version.

Note: To determine the version of either of the above applications, open the Adobe program. Then from the Help menu choose About Adobe, (name of program). You should see the version listed in a new box. Then, you can click anywhere on this box to close it.

If you have the "full" version of Adobe Acrobat, you can update this program via its updater feature. Open Adobe Acrobat 9 Professional. From the Help menu, choose Check for Updates. If updates are found, close Adobe Acrobat 9 Professional. Then, click Download and Install Updates. When they complete, restart the computer.

If you have Adobe Reader version 8.x on your computer, you should remove this version and updater to Adobe Reader 9.1.0. See our How To Install and Configure Adobe Reader v9 for Windows f

If you have earlier versions of Adobe Acrobat Professional, version 7 or 8, Adobe is planning to make updates available by March 18, 2009.

Sun Releases Java(TM) 6 Update 12

2009-03-11T07:10:00.011-04:00

As of March 11, 2009, the current version of Sun's Java client is Java(TM) 6 Update 11.

Action Required:
If you see the Java Update icon or "Java Update Available" balloon in the lower right corner of the screen, the latest version of Java should be ready to install. You can click the icon and follow its prompts to apply the update. Note: We recommend that you do not install any offered "extras" like the MSN Toobar, OpenOffice.org Installer or Microsoft's Live Search. Please un-check these options if they appear.

Or, our How To Update Sun's Java Software, http://it.cas.psu.edu/260.htm, has complete steps on how to install Java from either the "Java Update Available" message or how to download and install Java manually .

Fixed:
This release contains feature enhancements and bug fixes. This full list of changes may be found here: http://java.sun.com/javase/6/webnotes/6u12.html

Note:
Previously, older versions of Sun Java were not removed from your computer when you updated. You had to manually remove older versions of Sun Java from your computer. This has now changed. You no longer need to remember to remove the previous Java version.

Adobe Releases Flash Player 10 Update to Address Security Vulnerabilities

2009-02-26T07:11:00.008-05:00

On February 24, 2009 Adobe released a Security advisory called Flash Player update available to address security vulnerabilities that announced the availability of updated Flash Player 10 software. The advisory states in part:

Summary
A potential vulnerability has been identified in Adobe Flash Player 10.0.12.36 and earlier that could allow an attacker who successfully exploits this potential vulnerability to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit this potential vulnerability. Additional vulnerabilities have been addressed in this update. Adobe recommends users update to the most current version of Flash Player available for their platform.

Affected software versions
Adobe Flash Player 10.0.12.36 and earlier.

Severity rating
Adobe categorizes this as a critical update and recommends affected users upgrade to version 10.0.22.87.

To verify the Adobe Flash Player version number, you can visit the About Flash Player page. If this version is Flash Player 10.0.12.36 or earlier, please complete the remaining steps.
To update to current Adobe Flash Player version, go to the Player Download Center.
UN-CHECK any extra toolbars that are offered. Example: Google Toolbar.
Click Agree and install now.
Follow on-screen steps to install.
When the installation completes, you should see the current version of Flash Player (10.0.22.87) displayed on the screen.

NOTE: If you still see the older version (Example: 10.0.12.36), go to How to uninstall the Adobe Flash Player plug-in and ActiveX control and download the Adobe Flash Player uninstaller. Follow the steps to remove Adobe Flash. Then go back to the Player Download Center and install the new Adobe Flash Player again.

Note: If you use multiple browsers, perform the check for each browser you have installed on your computer.

Trouble Adding Participants to an Adobe Connect Meeting Space?

2009-02-10T11:21:00.000-05:00

Have you created an Adobe Connect Meeting space that should be restricted to only certain participants, gone to add someone as a participant, and then not been able to find the participant in the Adobe Connect user list?

If so, it is likely because the user has never previously logged into an Adobe Connect meeting. Until a user logs into an “open” Adobe Connect meeting (one that is not restricted to certain participants) the Adobe Connect server does not realize they exist. It is not until after a user has logged into a meeting space that they are added to the Adobe Connect user list.

To resolve the issue, ask the user to log into http://breeze.psu.edu/opensite, which is a meeting space we have made accessible to anyone who has a Penn State or Friends of Penn State user account. Once the user gets log into the open meeting they can immediately exit out and then you should be able to find them in the Adobe Connect user list and add them to your meeting space.

QuickTime 7.6.0 Update Released

2009-01-21T15:29:00.003-05:00

On Jan 21, 2009, an updated version of QuickTime was released (7.6.0). This update fixes an issue where a maliciously crafted URL may lead to an unexpected application termination or arbitrary code execution. In simple terms, malware could be installed on your computer. See more details here (Scroll down to the Security Updates section and click the link for QuickTime 7.6).

QuickTime is installed on all Enterprise computers. Apple's QuickTime software allows your Enterprise computer to view graphics, videos, on-line video streams (ex: Candidate Interviews in the College), and more.

Action Required: Please see our How To Install QuickTime for Windows using the Standalone Installer for steps on updating QuickTime to the latest version.

Error Message: Secure VPN Connection terminated locally by client. Reason 429

2009-01-15T15:39:00.002-05:00

Within Penn State's VPN client, there are connection entries for "ITS Wireless at campusname." Entries include ITS Wireless at UP, ITS Wireless at Altoona, ITS Wireless at Beaver, etc. In the Host entry for these entries you see "mobility.campusname.psu.edu" (where campusname represents the abbreviation for a campus location. Entries include mobility.up.psu.edu, mobility.as.psu.edu, mobility.br.psu.edu, etc.

According to http://its.psu.edu/wireless/faq.html#21, "If you are in a location that has Penn State Wireless you need to launch the VPN client on your laptop and select the Penn State campus where you are located. Once you login using your Access Account, you can begin to use the wireless network for your tasks."

Situation:
According to http://alerts.its.psu.edu/alert-867, on Thursday, October, 23, 2008, all campuses using the ITS Wireless VPN service began using Cisco's Adaptive Security Appliance (ASA) platform. As a result, all campus wireless traffic is re-routed to ASA's located at University Park. In other words there is no longer a need for separate "mobility.campusname.psu.edu" names in the VPN client. In effect, all the VPN traffic needs to find mobility.up.psu.edu in order to connect.

If you attempt to use the VPN client to access an ITS Wireless location and receive this error, Reason 429: Unable to resolve server address, your laptop is unable to resolve mobility.up.psu.edu to its IP address.

Workaround:
You can create an ITS Wireless connection that uses the direct IP address for mobility.up.psu.edu.

Open the VPN client. Click the New button.
In Connection Entry, enter ITS Wireless.
You may leave Description blank.
In Host, enter 172.28.41.68.
Under Group Authentication, the Name should be pennstate
The Password and Confirm Password should also be pennstate

Note: The passwords are case-sensitive (for example, Pennstate is not the same as pennstate)
Click Save.
You can use this connection to access ITS Wireless from any campus including University Park.

Sun Releases Java(TM) 6 Update 11

2008-12-03T11:46:00.007-05:00

As of December 2, 2008, the current version of Sun's Java client is Java(TM) 6 Update 11.

Action Required:
If you see an alert icon in your notification area, lower right corner of screen, to update Java, you can click the icon and follow its prompts to apply the update. If you receive an "Error 1606" while installing, click Cancel. Click OK. Uncheck the Open Java Help box. Click Finish. You should restart the computer and try the install again.

Or, you can follow our How To Update Sun's Java Software, http://it.cas.psu.edu/260.htm instead.

Fixed:
This release contains feature enhancements and bug fixes. This full list of changes may be found here: http://java.sun.com/javase/6/webnotes/6u11.html

Note:
Previously, older versions of Sun Java were not removed from your computer when you updated. You had to manually remove older versions of Sun Java from your computer.

This has now changed. The previous version, Java 1.6.0_10, included code to allow patch-in-place to occur. So, from now on, you will not need to remember to remove the previous Java version.

version 8.1.3 Update for Adobe Acrobat 8 Professional and Adobe Reader is Available

2008-11-11T17:12:00.005-05:00

Adobe shipped a critical update to its Adobe version 8 products on November 4, 2008 that addresses a number of customer workflow issues and security vulnerabilities.

Action Required: Ag IT recommends that College of Ag Science faculty and staff apply the 8.1.3 update to their EN machines.

Note: To determine the version of either of the above applications, open the Adobe program. Then from the Help menu choose About Adobe, (name of program). You should see the version listed in a new box. Then, you can click anywhere on this box to close it.

If you have the "full" version of Adobe Acrobat, Adobe Acrobat 8 Professional, you can update this program via its updater feature. Open Adobe Acrobat 8 Professional. From the Help menu, choose Check for Updates. If updates are found, close Adobe Acrobat 8 Professional. Then, click Download and Install Updates. When they complete, restart the computer.

If you have Adobe Reader version 8.1.2, on your computer, you can use the steps from How To Install and Configure Adobe Reader v8 for Windows, http://it.cas.psu.edu/222.htm, to apply the version 8.1.3 update.

Note: you can also try to use the updater feature for Adobe Reader as well. We have seen a number of 8.1.2 installations that lack the Check for Updates choice from the Help menu however. This is why we recommend the above How To.

Sun Releases Java(TM) 6 Update 10

2008-10-27T14:14:00.005-04:00

As of Oct 27, 2008, the current version of Sun's Java client is Java(TM) 6 Update 10.

Action Required: Please follow our "How To Update Sun's Java Software" to update your Java software.

Fixed: This release contains feature enhancements and bug fixes. This full list of changes may be found here.

Note: Older versions of Sun Java are not removed from your system when downloading and installing new versions from Sun. Therefore, if you have the latest Sun Java version installed, then you should consider removing all older versions of Sun Java from your system. This can be done via "Add/Remove Programs" in the Microsoft Windows "Control Panel".

Audio Problem Troubleshooting Suggestions from Adobe Connect (Breeze)

2008-10-24T08:58:00.009-04:00

Issue: Since PSU ITS updated to Adobe Connect v7 earlier this year, there have been intermittent audio issues during Adobe Connect meetings and trainings.

This Tech Alert is in response to an ALERT from Adobe:
In Connect 7, Adobe included an “enhanced” audio solution for PC users when running the audio setup wizard. It’s in the advanced settings area. This is different than Connect v6 and the cause of some of the problems out there. Until the service pack fix is initiated, I believe this enhanced audio feature is defaulting to “on”. We would like everyone to turn that off as a troubleshooting option (and it will default to off with the service pack).

This means everyone in the meeting should have the enhanced audio box checked to “off”. Otherwise, the enhanced audio may create problems with gain and other audio pickup and cause “breaks” in the delivery for everyone (on a congested network).

The service pack referred to is expected sometime in November. We will pass along information as it becomes available. Additional troubleshooting tips received today are posted at http://meeting.psu.edu/node/519.

Action Required (if you use Adobe Connect): EACH TIME you log into an Adobe Connect Meeting, you need to run through the Audio Set-up Wizard to configure your audio. As you go through the Audio Set-up wizard, the last window called “Finished,” click on the Advanced Settings button, then look for the checkbox in the upper right-left portion of your screen. Uncheck the “use Enhanced Audio.”

If you have questions, don’t hesitate to contact Ag IT Support.

Adobe Releases Flash Player 10 to Address Security Vulnerabilities (Clickjacking)

2008-10-16T13:15:00.007-04:00

Adobe Systems has released a new version of its Flash Player software. This version includes a fix for the critical security bug that allowed hackers to hijack your browser in what's come to be known as a clickjacking attack.

On Oct 15, 2008 Adobe released a Security advisory called Flash Player update available to address security vulnerabilities that announced the availability of new Flash Player 10 software. The advisory states in part:

Summary
Potential vulnerabilities have been identified in Adobe Flash Player 9.0.124.0 and earlier that could allow an attacker who successfully exploits these potential vulnerabilities to bypass Flash Player security controls. Adobe recommends users update to the most current version of Flash Player available for their platform.

Affected software versions
Adobe Flash Player 9.0.124.0 and earlier.

Severity rating
Adobe categorizes this as a critical update and recommends affected users upgrade to version 10.0.12.36.

Action Required: Ag IT recommends that you update the Adobe Flash Player on your Enterprise machine to mitigate the effects of clickjacking.

To verify the Adobe Flash Player version number, you can visit the About Flash Player page. If this version is Flash Player 9.0.124.0 and earlier, please complete the remaining steps.
To update to current Adobe Flash Player version, go to the Player Download Center.
Click Agree and install now.
Follow on-screen steps to install.
When the installation completes, you should see the current version of Flash Player displayed on the screen.

Note: If you use multiple browsers, perform the check for each browser you have installed on your computer.

Security Risk - Clickjacking

2008-10-08T09:15:00.015-04:00

Clickjacking is a nasty security risk — it’s transparent to you the user, easy to put into operation and difficult to stop.

What is Clickjacking? This threat was brought to the public's attention in late September 2008. According to researchers Robert Hansen and Jeremiah Grossman, clickjacking happens when your browser is directed to a malicious Web site when you click on what appears to be a valid link.

How does this happen? First, a hacker has to break in and compromise a good site. The hacker can then set their external, malicious content to be invisible and overlay the normal page with a "transparent" cover. When you click on the normal page, you are in fact clicking on the externally loaded page. The content or page which then loads is whatever the hacker wants. For example, it could install a malware program like a rogue Anti-Spyware program.

In another clickjacking scenario, the page may not need to have the transparent overlay. Instead, the good page may have been hacked to contain JavaScript code that makes the invisible target constantly follow the mouse pointer, intercepting your first click wherever it may be.

On Oct 7, 2008 Adobe released a Security advisory called Flash Player workaround available for "Clickjacking" issue. The advisory states:

SUMMARY
Adobe is aware of recently published reports of a 'Clickjacking' issue in multiple web browsers that could allow an attacker to lure a web browser user into unknowingly clicking on a link or dialog. It has been determined that this potential "Clickjacking" issue affects Adobe Flash Player. Adobe is working to address this issue in an upcoming update to Flash Player.

SOLUTION
Customers:
To prevent this potential issue, customers can change their Flash Player settings as follows

Access the Global Privacy Settings panel of the Adobe Flash Player Settings Manager at the following URL: http://www.adobe.com/support/documentation/en/flashplayer/help/settings_manager02.html
Select the "Always deny" button.
Select 'Confirm' in the resulting dialog.
Note that you will no longer be asked to allow or deny camera and / or microphone access after changing this setting.

Customers who wish to allow certain sites access to their camera and / or microphone can selectively allow access to certain sites via the Website Privacy Settings panel of the Settings Manager at the following URL: http://www.adobe.com/support/documentation/en/flashplayer/help/settings_manager06.html.

Action Required: Ag IT recommends that you follow the Adobe steps to mitigate the effects of clickjacking.

Note: If you use Adobe Connect (Breeze) for meetings or trainings, you will need to allow these sites access to Flash Player as mentioned in Step 4.

For detailed steps on how to do this, you can use our How To Allow "Camera and Microphone Access" in Adobe Connect (Breeze) steps.

Another Phishing message circulating

2008-10-01T13:43:00.006-04:00

Faculty and staff are reminded that the College and University will *NEVER* request account/password information via email.

You should never reply to a message asking for account information, nor should you ever click a link from a message that asks for account information. Penn State and the College of Ag Sciences will never ask for your account/password in this method. If you receive messages of this type in the future, simply delete the message.

Here is an example of the latest phishing that we have seen in the College.

Date: Wed, 1 Oct 2008 14:28:01 +0200 (CEST)
Subject: Account Expire in 4 Day(s)
From: "IT SERVICE"

Dear Webmail User,

This message was sent automatically by a program on Webmail which
periodically checks the size of inboxes, where new messages are received.
The program is run weekly to ensure no one's inbox grows too large. If
your inbox becomes too large, you will be unable to receive new email.
Just before this message was sent, you had 18 Megabytes (MB) or more
of messages stored in your inbox on your Webmail. To help us re-set
your SPACE on our database prior to maintain your INBOX, you must
reply to this e-mail and enter your

Current User name ( )
and Password( ).

You will continue to receive this warning message periodically if your
inbox size continues to be between 18 and 20 MB. If your inbox size
grows to 20 MB, then a program on Bates Webmai will move your oldest
email to a folder in your home directory to ensure that you will
continue to be able to receive incoming email. You will be notified by
email that this has taken place. If your inbox grows to 25 MB, you
will be unable to receive new email as it will be returned to the
sender.
After you read a message, it is best to REPLY and SAVE it to another
folder.

Thank you for your cooperation.
WEBMAIL Help Desk

Computer Account Requests - New Processes as of Sept 2, 2008

2008-09-23T16:17:00.002-04:00

In the past, we have had different account processes and services for many different types of employees and volunteers. We now have streamlined the account process down to two divisions. We will follow one process if the employee is paid by Penn State, and follow a second process if the person is not paid by Penn State.

One of the most significant changes in the process is that the College of Ag IT Unit will no longer play a role in applying for or receiving a Penn State Access Account. Computer security policies no longer allow us to receive an employee’s confidential account information. New employees will file the access account application form directly with the Accounts office at University Park, and will need to visit any campus of the university to receive their password. We used to provide an intermediary service for these account procedures, it is now against policy to do so.

If the person is paid by Penn State, he/she will need to apply for a Penn State Access Account. This username and password combination will grant the employee access to manage their Penn State benefits online, to access Penn State Library information, to connect to authorized Penn State wireless services, to use Penn State campus training computer labs, and to login to CASPAR. Additionally, the employee will need to apply for a College of Ag domain account to gain access to other needed services – to use Enterprise computers, to send and receive e-mail using the College’s Outlook/Exchange system, and to connect to SharePoint services.

Account request process for Penn State paid employees can be found at - http://it.cas.psu.edu/1207.htm

Everyone else NOT paid by Penn State - county paid staff, student interns, and dedicated volunteers who need access to college computers (office computers or SharePoint Sites) to perform their duties - do not receive a Penn State Access Account. They must apply for a “Friends of Penn State” account and the College of Ag Domain Account. Depending on the services requested when the account is created, the domain account will enable this person to use Enterprise computers, send and receive e-mail through the College’s Outlook/Exchange mail system and connect to SharePoint services.

Account request process for County paid employees can be found at - http://it.cas.psu.edu/386.htm

Thank you for your cooperation and patience as we help to make these new processes more routine.

QuickTime 7.5.5 Update Released

2008-09-10T07:48:00.002-04:00

On Sept 9, 2008, an updated version of QuickTime was released (7.5.5). This update fixes an issue where a maliciously crafted movie file may lead to arbitrary code execution on your computer. In simple terms, malware could be installed on your computer. See more details here (Scroll down to the Security Updates section and click the link for QuickTime 7.5.5).

QuickTime is installed on all Enterprise computers. Apple's QuickTime software allows your Enterprise computer to view graphics, videos, on-line video streams (ex: Candidate Interviews in the College), and more.

Action Required: Please see our How To Install QuickTime for Windows using the Standalone Installer for steps on updating QuickTime to the latest version.

Adobe urges users to validate Software Update Installers

2008-08-05T13:40:00.009-04:00

The Adobe Product Security Incident Response Team (PSIRT) posted a Verifying Installers entry on August 4, 2008 (in italics below). They added this notice following the news that malware links are being included in the comments sections of such Web 2.0 sites as MySpace and Facebook. Hackers are attempting to trick Windows users into installing a Flash Player update that turns out to be a malicious program. To read more about these worms, see Web worms squirm through Facebook, MySpace.

Adobe makes a number of good points below, that we've bolded. Even if you don't use sites like MySpace, Facebook or Twitter, you should be very cautious of links or pop-ups that want you to download and install software. If in doubt, just say NO. You should also be aware that you can verify valid software by checking its digital certificate.

"We have seen coverage from the security community of a worm on popular social networking sites that is using social engineering lures to get users to install a piece of malware. According to the reports, the worm posts comments on these sites that include links to a fake site. If the link is followed, users are told they need to update their Flash Player. The installer, posted on a malicious site, of course installs malware instead of Flash Player.

We’d like to take this opportunity to reiterate the importance of validating installers and updates before installing them. First off, do not download Flash Player from a site other than adobe.com – you can find the link for downloading Flash Player here. This goes for any piece of software (Reader, Windows Media Player, Quicktime, etc.) – if you get a notice to update, it’s not a bad idea to go directly to the site of the software vendor and download the update directly from the source. If the download is from an unfamiliar URL or an IP address, you should be suspicious.

Second, all Adobe software for Windows is signed with a digital certificate that is validated by Windows when you install our software. The Publisher will always be ‘Adobe Systems, Incorporated’, and you can verify this when you double-click the installer, or by right-clicking on the installer, selecting ‘Properties’, and going to the ‘Digital Signatures’ tab.

For Flash Player in particular, you can always go to this page to verify what version of Flash Player you have installed, and what the current version of Flash Player is for your Operating System. The current Flash Player version is 9.0.124.0."

Adobe Reader v9.0 is Available

2008-07-10T16:54:00.004-04:00

As of June 25, 2008, the current version of the Adobe Acrobat and Adobe Reader is version 9.0.0.

NOTE: If you have version 8.1.2 with Security Update 1 of either Adobe Acrobat or Adobe Reader, you do not need to update to version 9.0.0. You can continue to use the 8.1.2 version.

If you would like to install the new Adobe Reader, please see our How To Install and Configure Adobe Reader v9 for Windows for steps on updating Adobe Reader to the current version.

If you would like to purchase a license for the "full" version of Adobe Acrobat 9, this is available to faculty, staff and students at the Penn State Computer Store at http://www.computerstore.psu.edu/. Adobe Acrobat is Departmental Site Licensed software.

From the Computer Store's home page, click Departmental Licenses then click Adobe License. You will see a Acrobat 9 Pro Win License ($56.00 SLWNSR046) and Acrobat 9 Pro Win DVD Media ($7.50 SMWNSR054). These are sold separately. Why? Often a Department will buy 1 copy of the media. Then Faculty or Staff purchase their individual license for $40. You can then sign out the departmental DVD for the install. But, if you want a DVD of your own, you would need to purchase both a copy of the media along with a paper license.

Sun Releases Java(TM) 6 Update 7

2008-07-09T16:14:00.002-04:00

As of July 9, 2008, the current version of Sun's Java client is Java(TM) 6 Update 7. Please follow our "How To Update Sun's Java Software" to update your Java software.

Fixed: This release contains fixes for one or more security vulnerabilities.

Note: Older versions of Sun Java are not removed from your system when downloading and installing new versions from Sun. Therefore, if you have the latest Sun Java version installed, then you should consider removing all older versions of Sun Java from your system. This can be done via "Add/Remove Programs" in the Microsoft Windows "Control Panel".

Adobe Releases Security Update 1 for Adobe 8.1.2

2008-06-24T15:33:00.007-04:00

A critical vulnerability has been identified in Adobe Reader and Acrobat 8.1.2. This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system.

Adobe recommends users of Acrobat 8 and Adobe Reader install the 8.1.2 Security Update 1 patch. Adobe Reader is installed on all Enterprise computers.

To see what version of Adobe Reader you have installed, follow these steps:

Open Adobe Reader.

From the Help menu choose About Adobe Reader ....

Note: You will see the version number listed in this window.

Click the version window to close it.

If you saw Version 8.1.2, go to the Apply Security Update 1 section of our How To Install and Configure Adobe Reader for Windows for steps on applying the Security Update.

If you have an earlier version than 8.1.2, please see our How To Install and Configure Adobe Reader v9 for Windows for steps on downloading the new version, remove any old versions, install the new version and apply the Security Update 1 patch.

If you are still using a previous version of the "full" Adobe Acrobat (version 7), Adobe recommends Acrobat 7 users on Windows update to Acrobat 7.1.0, available here: http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows

Full details can be found on the Adobe Security Update available for Adobe Reader and Acrobat 8.1.2 page.

Install Compatibility Pack to Read Office 2007 Files - Service Pack 1 (SP1)

2008-06-12T06:59:00.002-04:00

The Compatibility Pack for the 2007 Office system allows computers with Microsoft Office 2003 to open Office 2007 documents.

Microsoft has released Office Compatibility Pack Service Pack 1 (SP1) which contains security, stability, and performance improvements. If you have Compatibility Pack for the 2007 Office system installed on your Enterprise (EN) machine, you should apply this update.

Action Required for Office 2003 Users Only:
Please see our How To Install Compatibility Pack SP1 to Read Office 2007 Files for steps on applying the SP1 update.

Note: If your EN machine has Microsoft Office 2007, you should not follow these steps!