Microsoft released a new critical security update on Nov. 18, 2014, that resolves a Windows vulnerability regarding privileges.

The vulnerability in Microsoft Windows Kerberos KDC could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator.

An attacker could, according to Microsoft, use those privileges to compromise any computer in the domain.

The update requires a restart.

For more information, visit https://technet.microsoft.com/library/security/ms14-068

UAB Information Technology reminds faculty, staff, and students that fraudulent email, internet, and phone scams tend to increase around the holidays.  Users should be vigilant to confirm that unsolicited requests for information are legitimate prior to providing sensitive information. 

A current telephone scam making its way around campus is one in which imposters claiming to be representatives of the Internal Revenue Service. 


Among the most common scams are callers who tell you that you owe money or that you have a refund coming, to try to trick you into sharing private information, according to the IRS.

The IRS, according to its latest alert, does not:

• Call or e-mail to demand payment without having first mailed you a bill.

• Demand you pay taxes without giving you the chance to appeal the amount they say you owe.

• Require you to use a specific payment method.

• Ask for credit or debit card numbers over the phone.

• Threaten to use law enforcement to have you arrested for not paying.

If you receive a phone call you believe is fraudulent, here is what you can do:

• If you know or think you owe taxes, call the IRS at 1-800-829-1040 so that IRS workers can help you with a payment issue.

• If you believe you don’t owe taxes, report the incident to the Treasury Inspector General for Tax Administration at 1-800-366-4484 or at www.tigta.gov.

• If you have been targeted by a scam, contact the Federal Trade Commission and use their “FTC Complaint Assistant” at FTC.gov. Add “IRS Telephone Scam” to the comments of the complaint.
Three months after introducing a stronger WiFi network to campus, UAB IT is reminding users that the WiFi network named "uabwifi_nac" will be discontinued on Dec. 15.

Users whose devices are still logged into uabwifi_nac will need to configure their devices one of two new WiFi networks, UABStartHere or UABSecure.

For users with a BlazerID and password, UABSecure is the preferred network because it provides encryption for sensitive data. UABStartHere is a completely open network, which means it provides no encryption and users will not need to enter a WEP key as they have in the past.

WiFi users who want to connect to UAB’s WiFi network can begin by choosing the UABStartHere network from their device. Upon opening a web browser, users are  automatically directed to a Web site where they can choose whether to configure their device for the UABSecure network, log on to the UABStartHere network or to register as a guest user.

Guests on campus are no longer be required to get sponsor access to use the campus WiFi network. They can simply log on to UABStartHere using a valid e-mail address to get 24 hours of access to the WiFi network.

Unencrypted, sensitive data should NOT be transmitted through the UABStartHere network unless protected by other means, such as a virtual private network (VPN) session. 

If your WiFi device can support the UABSecure network, we highly suggest taking the time to walk through configuring your device using QuickConnect. Click here for instructions.
toysfortotsUAB's 21st annual Toy Drive, benefitting Toys for Tots, is under way.

UAB IT will again organize the drive, with the department's own Eric Thompson leading the effort for the second year.

Boxes for toy donations will be located at 19 buildings across campus. UAB is the largest contributor to the local Toys for Tots effort.

New, unwrapped toys are needed for the toy drive, Thompson said, who is in his fourth year of being involved in the effort.

"I enjoy being able to offer Christmas for children who wouldn't otherwise be able to have Christmas," Thompson said.

Toys will be picked up the morning of Friday, Dec. 5.
Page 2 of 5