UAB Information Security recently discovered a new spam campaign where users are tricked into opening an email attachment that contains a virus aimed at stealing passwords and financial information.  As with any suspicious email messages you may receive, please report them to askit@uab.edu for inspection.

The recent spam email messages are crafted to look like they came from one of several legitimate companies such as Chase Bank, the Better Business Bureau (BBB), Department of Treasury, Dun & Bradstreet Financial Services or a wire transfer company. You should be aware that these emails are forged and that none of the information included in the email can be trusted including embedded links, e-mail addresses or phone numbers.

Here are some of the common email subject lines we have seen in this spam campaign:

•  FW: Company 2013 Report

•  Incoming Wire Transfer Notification

•  D&B iUpdate: Company Order Requested

•  Department of Treasury Notice of Outstanding Obligation – Case ######

•  Better Business Bureau Complaint Case #######

•  Merchant Billing Statement

•  ACTION REQUIRED: A document has arrived for your review/approval (Document Flow Manager)

Compatibility testing of Microsoft 2013 is underway.

Microsoft Office Professional Plus 2013

Office Professional Plus 2013 includes Word, PowerPoint, Excel, Outlook, OneNote, Access, Publisher and Lync and will be the version available to UAB under our Microsoft Campus Agreement when released to Campus.

UAB IT is testing Microsoft Office 2013 to determine its compatibility with applications and systems deployed in the UAB environment. Current testing includes Office 2013’s compatibility with the following:

  • Adobe Acrobat
  • EndNote
  • I>clicker
  • Turning Point

In addition to UAB IT’s testing, we request that your department conduct its own testing of Office 2013 with applications and systems that are unique to your environment. This week we will release Office 2013 to TIMGroup for testing purposes. Please report your application compatibility results to Sterling Griffin (Sterling@uab.edu) once your testing is complete. Also include a list of any applications you use that interact with Office.

Until the testing and evaluation of Office 2013 is complete, UAB IT is not recommending it for mass deployment.

You may download Office 2013 from the UAB IT software site HERE.  An install guide is available.  (Office 2013 is available for download to TIMGroup members only.)

Deployment: (with SkyDrive disabled when using Office 2013)

UAB IT will post on the download site 2 versions of the ISO.

  1. As delivered from Microsoft.
  2. With the registry key to disable SkyDrive in a transform file

Office 2013 uses Microsoft’s SkyDrive cloud-based file-hosting service. We recommend disabling SkyDrive at this time. This can be accomplished in two ways: Using the Registry Editor and using the Group Policy Editor.

  • Disabling SkyDrive by using the Registry Editor
      • Launch the Registry Editor by opening the Run dialog box and entering regedit.
      • When the Registry Editor opens, navigate to the following key: HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\SignIn.
      • If the SignIn key doesn’t exist, create it by right-clicking on Common à New à Key à SignIn.
      • In the right pane of the SignIn key, create a new DWORD value named SignInOptions.
      • Double-click on SignInOptions and change its value to 3. To restore SkyDrive functionality, simply set the SignInOptions value to 0.
  • Disabling SkyDrive by using the Group Policy Editor
    • To use this method, you need to install the Office 2013 Administrative Templates. If you don’t have these templates, download them from the Microsoft Downloads Web site and install them.
    • Once the Administrative Templates are installed, open the Run dialog box and enter gpedit.msc to open the Local Group Policy Editor.
    • Now that you’re in the Local Group Policy Editor, navigate down the tree to User Configuration à Administrative Templates à Microsoft Office 2013 à Miscellaneous.
    • Find the “Block signing into Office” option in the list of settings and double-click it.
    • In the Properties window, click “Enable” and select the option “None Allowed.”

Windows 8 is not recommended for campus use at this time. However, if you have to support a Windows 8 portable device, it must be encrypted. At this time, BitLocker is available to accomplish this task on all Windows 8 portable devices that have a TPM chip and do not run on an ARM platform (such as a Windows 8 RT tablet). Windows 8 devices that run on an ARM platform or those that do not have TPM chips should not be used.

UAB Policy requires all laptop/portable devices owned by UAB or UAB businesses and all personal laptop/portable devices used for UAB business be encrypted. PGP, UAB’s current encryption tool, does not work on Windows 8 and Symantec has not yet set a support date for Windows 8.

BitLocker is an acceptable alternative to encrypt Windows 8 system drives in some circumstances. In the past, BitLocker has been recommended when PGP was incompatible with Windows 7 or specific BIOS versions. Systems that are currently encrypted with PGP should remain encrypted via PGP.  UAB IT is currently researching BitLocker key management solutions and will issue further guidance as available, but in the mean time, BitLocker should be installed using the non-enterprise setup method below.

Non-Enterprise BitLocker Setup

Recommendations for using BitLocker

    • Password set system BIOS
    • TPM chip in the device
    • You must take ownership of the TPM chip
    • Before updating the BIOS, BitLocker must be suspended
    • Escrow the key in some manner
    • Professional/enterprise version of Windows
    • Use a TPM + PIN authentication method
    • System must be formatted NTFS with two volumes

 Escrowing the key

With Windows 8, you may escrow the key in one of the following ways:

  • Save the recovery key to a USB flash drive
This method saves the recovery key to a USB flash drive. This option cannot be used with removable drives.
  • Save the recovery key to a file
This method saves the recovery key to a network drive or other location.
  • Print the recovery key
This method prints the recovery key, but it is not recommended.

It will be up to the department to maintain the escrow recovery keys.

Installation instructions can be found here

Published in FAQ - Infrastructure

OSX 10.8 and Java 1.7.0_13

UAB IT’s minimum recommendations for versions of Mac browsers and Java have changed as UAB systems have improved functionality that are compatible with the current version of Java.  UAB IT recommends installation of Mac OSX 10.8 and Java 1.7.0_13.  Apple operating systems will not run any version lower than Java 1.7.0_13.

UAB IT is also recommending using two different browsers — one for surfing the Web and one just for accessing UAB systems. For Internet Web browsing, use one of the following: Firefox with Java disabled, Safari, or Chrome. For working with just UAB systems, choose a different browser and enable Java to work in it. If you run into compatibility issues with the local browser and UAB IT systems, use the IT terminal servers to access UAB resources via RDP client. For more information, contact AskIT.

Published in FAQ - Infrastructure

Windows Systems

•Upgrade to Windows 7

A large-scale project is underway to upgrade all university-owned computers on the UAB campus to Windows 7 by April 8, 2014. At that time, Microsoft will cease its support for Windows XP, which has been the operating system primarily used by UAB computers in recent years. As a result of Microsoft no longer supporting this operating system, XP computers will no longer receive security updates. This creates a greater chance of XP computers being infected by viruses or compromised by malware.

This leaves one budget cycle to accomplish funding of this project. Upgrading to Windows 7 for any system needing network connectivity should be completed by April 2014.

• Install IE 9 and the most recently released version of JAVA

We are updating our minimum recommendations for versions of Internet Explorer and Java as UAB systems have improved functionality to support newer browsers and the currently secure version of Java. Internet Explorer 9 and Java (latest release) are recommended for installation on Windows 7 systems.

• Windows 8 not currently recommended for use

As XP fades away, Microsoft has rolled out its newest operating system, Windows 8. The transition from XP has prompted some users to ask why IT doesn’t upgrade to Windows 8 instead of Windows 7. The answer is that Windows 8 is currently not recommended for widespread use in the UAB environment due to the following reasons:

  • Currently, not all of UAB’s business systems support Internet Explorer 10, the minimum version of IE used by Windows 8.
  • Windows 8 introduces management changes that IT is not yet ready to address.
  • Windows 8 is best used on hardware that is specifically made for Windows 8, such as touchscreen displays or touchpads. Other than the touchscreen/touchpad functionality, Windows 8 possesses similar functionality to Windows 7 from an end user’s point of view.
  • PGP (UAB’s approved laptop encryption tool) is not supported on Windows 8 laptops. A recommended alternative is Microsoft’s Bitlocker product. (See Bitlocker with windows 8 for more information)
Published in FAQ - Infrastructure

Based on the availability of new operating system versions and browser versions, UAB IT has updated its recommendations for both Windows and Mac versions/systems. In addition, with the release of Windows 8, PGP (UAB’s encryption tool for portable/laptop devices) is not currently supported. UAB IT is recommending Microsoft’s BitLocker product for encrypting Windows 8 devices.

For details see:

Microsoft Recommended Systems/Versions

Apple/Mac Recommended Systems/Versions

Microsoft Windows 8 and BitLocker Encryption

January 31, 2013

IT Security Newsletters

Monthly Training Newsletters

UAB IT is now providing information security training materials to inform university faculty, staff and students about computer threats.  Each month a newsletter will be released focusing on new and different cyber security threats.  Contact the UAB IT Information Security office for more specific training options that can increase the protection of your information systems. 

UAB IT Provides Critical Guidance to Campus on Appropriate Versions of Internet Explorer, Mac OS, and Java to Mitigate Risks of Exploitation; updates Java recommendation to 1.7.0_55

A significant security vulnerability was discovered in the Internet Explorer web browser over the weekend of April 26th and is being shared in mass media.  This vulnerability could allow an attacker to compromise a Windows based computer should the end-user visit a website with appropriate content.

On May 1st, Microsoft released a fix to the IE vulnerability. Users should install this fix immediately.  UAB IT will begin pushing this update Thursday afternoon May 1st.  If IE is open, you will be required to perform a system reboot in order for the fix to take effect. If IE is closed, no reboot should be necessary.  Once the fix has been applied to your system (and IE is open) you will have 24 hours to perform a reboot or your system will automatically reboot.  

UAB IT continues to recommend that end-users use a two web browser methodology to limit the risks to the campus.

1.       Use an up-to-date version of Internet Explorer for conducting UAB business on university supported web sites.

2.       Use a second web browser (such as Mozilla Firefox or Google Chrome) with the Java plug-in disabled for any general web surfing and accessing off-campus resources.

Windows Systems:

• On Windows 7 Install IE 10 and Java 1.7.0_55

UAB IT has updated the minimum recommendations for versions of Internet Explorer and Java as UAB systems have improved functionality to support newer browsers and the currently secure version of Java. Internet Explorer 10 and Java 1.7.0_55 are recommended for installation on Windows 7/8. UAB IT also recommends using a separate browser with JAVA disabled for Internet use.  Use IE for on campus with Java enabled and your choice of Firefox or Chrome for Internet browsing with JAVA disabled (for information on disabling Java click here).

Mac Systems:

• Install OSX 10.9 and Java 1.7.0_55

UAB IT has updated the minimum recommendations for versions of Mac Operating systems and Java as UAB systems have improved functionality that are compatible with the current version of Java. The recommended operating systems for use on Campus are Apple OSX 10.7x and 10.8x. While Apple OSX 10.6x is still supported by Apple, vendors are no longer testing against it for compatibility. Apple operating systems will not run any version lower than Java 1.7.0_51.

UAB IT also recommends using two different browsers — one for surfing the Web and one just for accessing UAB systems. For Internet Web browsing, use one of the following: Firefox Safari, or Chrome, with Java disabled (for information on disabling Java click here). For working with just UAB systems, choose a different browser and enable Java to work in it. If you run into compatibility issues with the local browser and UAB IT systems, use the IT terminal servers to access UAB resources via RDP client (for information on using IT terminal servers on Mac click here).

For more information, contact AskIT (www.uab.edu/askit).