Adobe Acrobat Pro X will reach “End of Core Support" on Nov. 15, 2015.

"End of core support" means that Adobe will no longer provide patches for this version, and any exploits discovered will not be corrected. Since Adobe will not support this version after November, it will become a security risk.

UAB IT strongly encourages users to upgrade to a newer version of Adobe Acrobat. 

Adobe subscriptions are available under the IT Software Library website under Adobe Software. You may also submit a request to AskIT directly from this website.
A new phishing email is hitting UAB users' inboxes, purporting to be from "Staff Portal." 

phishing staffportal
Users should not click the link in the email. The URL has been blocked from campus, but the login page is a replica of a UAB page with university branding. Phishing emails are usually an attempt to gain access to steal your personal or financial information.

phishing fakelogin

If you receive an email with a hidden link like “Click Here,” do the hover test. Hover your mouse over the link and look at the lower left pane to see where the link leads.

Look at the URL of the website you are visiting. 

You should only enter your UAB credentials at UAB .edu web sites.

To report suspected spam to AskIT, please follow the instructions here.

Follow these additional tips to avoid being a phishing victim:

  • Do NOT click links in messages that ask you to log in. Type a trusted Web address in your browser or Google for the Web site if you don’t know the address.
  • Never type personal, sensitive information (such as passwords or account numbers) on Web sites without verifying the Web site’s authenticity and security — look for an “https” in the address bar.
  • Verify the address. Malicious web sites may look identical to a legitimate site, but the address may use a variation in spelling or a different domain (.com vs. .edu).
  • Misspellings and grammatical errors can be a dead giveaway in phishing emails and subject lines.
  • If you are unsure whether a request is legitimate, contact the company directly. Do NOT use contact information provided in the request.
  • Don’t open attachments. They may contain viruses or malware that can infect your computer.
  • Protect your password. Information security and IT officials at both the university and UAB Hospital will never ask users for passwords or any other sensitive information.
  • Report suspicious activity. If you have any questions or you receive a suspicious email that you want to report, university employees and students can call the AskIT Help Desk at 205-996-5555. Hospital employees can call the HSIS Help Desk at 205-934-8888.
SignageScreens copy

Digital signage offers a dynamic, vibrant and even interactive way to deliver targeted messages to campus audiences.

UAB IT now provides campus departments with a comprehensive digital signage solution. All customers have to do is manage their message.

Campus customers can order one or multiple signs, and UAB IT will handle the purchase and installation of the signs as well as host the content management platform. Departments will manage their own signage content, which can range from slideshows, video, web pages, RSS feeds, weather and more.

Digital signs can be used to publicize campus or department events, share information, promote recognition and provide directions.

Integration with campus-wide emergency management alerts is coming soon to UAB IT’s digital signage solution.
Office2016
Microsoft Office 2016 for Mac is licensed for faculty and staff to install on UAB-owned machines at no cost.

The software can be downloaded from the IT Software Library

Microsoft Office 2016 for Mac comes with new versions of Word, Excel, PowerPoint, Outlook, and adds OneNote.

UAB IT highly recommends users look at the Office 2016 for Mac Quick Start Guides.

Before installation:
  • Please make sure your Mac has all of its operating system updates installed.
  • Check to make sure the needed hard drive space is available (2.5GB for download and 5.6 after install) of approximately 8.2GB.
  • Close all Office applications before beginning the installation.
It is recommended that users uninstall Office 2011 by following these steps on the Microsoft site.

Installation:
  • Download the linked .ISO file.
  • Open the ISO and launch the package.
  • Follow the prompts in the Office installer package, taking the defaults.
  • Run Microsoft Office updates.
The new versions of the Microsoft Office 2016 applications will be located in the root of applications and not in an Office folder as they are in Microsoft Office 2011.

Current Office 2016 Preview users do not have to uninstall the preview version before installing the release version.
ScamAlertUAB students continue to be targets of phone scammers who impersonate law enforcement officers or IRS representatives.

Students at universities across the country have been targets of similar scams, in which malicious callers make threats about alleged debt. Although the phone scammers often know personal details about students -- such as their majors -- students should know there has been NO breach of protected information at UAB. Such information is often publicly available in student directories or social media.

 According to UAB IT’s Information Security division, students need to know:
  • No law enforcement body will call them and threaten to arrest them over the phone.
  • The attackers can spoof a police station phone number or a government number so the call will look like it is coming from such an office.
  • UAB has not suffered a breach that resulted in this scam.

More information about IRS scams is available here.

Tips:
  • Do NOT provide Social Security numbers, birth dates or any other personal information.
  • Ask to call the “officer” or "IRS representative" back, take down their number and call the number back.
  • Ask them to meet you at the police station in question, if they claim to be from a police department.
  • When in doubt, hang up and call the UAB Police Department at 205-934-4434.
A new phishing email purporting to be from AskIT is targeting UAB faculty, staff and students as well as UAB Medical Center staff. 

UAB IT and HSIS are taking steps to block this phishing attempt, but students, faculty and staff should be on alert.

The email has forged the "from" address as AskIT. A sample of the latest phishing email is below.

Phishingattempt askit

Phishingattempt askitIf you receive an email with a hidden link like “Click Here,” do the hover test. Hover your mouse over the link and look at the lower left pane to see where the link leads.

Look at the URL of the website you are visiting. 

You should only enter your UAB credentials at UAB .edu web sites.

To report suspected spam to AskIT, please follow the instructions 
here.

Follow these additional tips to avoid being a phishing victim:

  • Do NOT click links in messages that ask you to log in. Type a trusted Web address in your browser or Google for the Web site if you don’t know the address.
  • Never type personal, sensitive information (such as passwords or account numbers) on Web sites without verifying the Web site’s authenticity and security — look for an “https” in the address bar.
  • Verify the address. Malicious web sites may look identical to a legitimate site, but the address may use a variation in spelling or a different domain (.com vs. .edu).
  • Misspellings and grammatical errors can be a dead giveaway in phishing emails and subject lines.
  • If you are unsure whether a request is legitimate, contact the company directly. Do NOT use contact information provided in the request.
  • Don’t open attachments. They may contain viruses or malware that can infect your computer.
  • Protect your password. Information security and IT officials at both the university and UAB Hospital will never ask users for passwords or any other sensitive information.
  • Report suspicious activity. If you have any questions or you receive a suspicious email that you want to report, university employees and students can call the AskIT Help Desk at 205-996-5555. Hospital employees can call the HSIS Help Desk at 205-934-8888.
The UAB IT organization is being restructured into three divisions as part of CIO Curt Carver's plan to transform UAB IT into a world-class organization. Search committees have been formed and recruitment is ongoing for three key leadership positions:

  • Chief Information Security Officer 
  • Chief Technology Officer
  • Deputy Chief Information Officer
More information about these positions can be found on the UAB Executive Search web site.
computerVirus
UAB IT has new recommendations for antivirus software for both home use by faculty, staff and students and for campus users.

Microsoft Forefront is no longer supported by Microsoft, which means there will be no new updates to guard against new viruses.

UAB IT recommends that faculty, staff and students use Microsoft Security Essentials on their home machines that have Windows 7 and Vista. Machines using Windows 8 or higher have Windows Defender built in.

Mac users should continue to use Sophos anti-virus, which faculty, staff and students can download for free through UAB IT.

Learn more about antivirus software here.
Microsoft is scheduled to release Windows 10 on July 29, 2015. Many UAB employees will want to upgrade to the new version, or will be receiving new systems with Windows 10 already installed.

While Windows 10 will add many new features, Windows 10 does not work with many applications at UAB. Most software developers have not released compatibility updates or new versions of their software for Windows 10, and many software incompatibilities are expected.

UAB IT recommendations and guidance:
Because of these issues, UAB IT recommends that Windows 10 not be installed at this time. If Windows 10 is required and is used on a touch-enabled device, UAB IT recommends you use Windows 8 "classic view."
  • UAB IT will offer only limited support for Windows 10.
  • New systems that are ordered from Dell may included Windows 10 by default in the near future, but departments/schools should consider re-imaging those decices using an approved Windows 7 image prior to deployment.
  • Upgrade support for special business cases and exceptions will be evaluated as needed.
  • Windows 7 should remain the primary operating system on university-owned computers until the issues with Windows 10 are resolved.
  • We foresee retiring Windows 7 within three years and moving to Windows 10 as the primary operating system on university-owned computers.

Compatibility Review

Results of our compatibility review of Windows 10 and UAB IT services.

Service Compatible with UAB IT services? Notes
Adobe Creative Suite No All Adobe Creative Suite products are not currently compatible with Windows 10. During installation, the applications stalls and must be ended manually.
Internet Explorer 11 Yes Internet Explorer (IE) 11 is one of two browsers available on Windows 10. The other is the new Edge browser.
Microsoft Office 2013 Yes No published issues.
Banner No Possible use of IE 11 in enterprise mode — no guidance from Banner or Microsoft.
Oracle No On Microsoft compatibility list. This does not include any UAB applications in the Oracle system.
Software Center (SCCM) No Software Center and other software management tools do not successfully install on Windows 10. (They will be available on the next update from Microsoft.)

UAB IT will continue to test the subsequent releases of Windows 10 with the various services and most frequently used software titles. Once we have confirmed that Windows 10 is compatible with most, if not all, services and software that the product is ready for mainstream distribution, this section will be updated with information on how to obtain the new operating system.

If your school or department IT professionals are interested and available to participate in any evaluation and testing related to Windows 10, please contact Sterling Griffin.

Anticipated hardware requirements
Recommended minimum hardware requirements for Windows 10:
  • Processor: 1.5 Ghz (gigahertz) dual core or better
  • RAM: 8 GB (gigabytes) or more
  • Free hard disk space: 30 GB or more
  • Graphics card: Microsoft Direct X 9 graphics deveice with WDDM driver or better
Adobe FormsCentral is retiring July 28, but UAB IT can help in the transition. UAB IT offers Adobe Acrobat for download at a discount.

After July 28, users of Adobe FormsCentral will no longer be able to create new forms or collect responses using FormsCentral. Adobe recommends that users immediately export responses to a file type of your choice — and convert your FormsCentral forms to PDFs, if desired. You will NOT be able to do so once FormsCentral expires.

Adobe Acrobat can be used to collect form data automatically and compile it in a table format. Data can be exported to a spreadsheet for further analysis or to create charts for summary reports.

Adobe Acrobat is offered through UAB IT. Learn more here.

To learn more about the retirement of Adobe FormsCentral, please read the Forms Central FAQ or Adobe Forums.
Microsoft on Monday released a critical patch outside of its normal patching cycle. 

The update fixes a vulnerability in Windows that could allow an attacker to execute code on a system if they can convince the user to open a specially crafted document, or have them visit an untrusted webpage that contains embedded OpenType fonts. 

The update, which requires a system reboot, was released to all UAB IT Desktop-supported machines at 4 p.m. Monday. Users have 72 hours to let the patch install and reboot the system. Users should get a notification bubble pop up at the system tray. After 72 hours, if a user has not allowed the patch to install, it will install automatically and the system will be forced to reboot.

UAB IT urges users to find an opportune time to let the patch install and allow the reboot occur to help protect UAB systems and information.
Excellence, service, security and shared governance are among the hallmarks of a new set of strategic imperatives UAB IT is committed to meeting, Vice President for Information Technology and CIO Curt Carver said.

The strategic imperatives enhance Carver’s vision for UAB IT.

“My vision for UAB IT is a world-class IT organization that effectively balances cost efficiency, agility and innovation,” he said. “Our relationships with our customers, business partners and vendors are long-term relationships that allow us to move at the speed of trust. This vision does not depend on one person but instead on a dedicated team where everyone is an agent of innovation and aligned to support the University of Alabama at Birmingham.”

The department’s strategic imperatives include:
  • Create a secure computing environment for all UAB members through appropriate policy, training and technology.
  • Build an IT shared governance structure with particular focus on partnership with the Health System.
  • Create a world-class IT organization so that if our customers could choose any provider, they would choose UAB IT.
  • Generate business value though reduced costs, process innovation or revenue generation.
  • Innovate UAB through partnerships with institutional business owners, with a focus on academic and research operations.
  • Foster an institutional data-driven decision-making culture that allows UAB to make informed and optimal decisions.
  • Enhance the community of information technology excellence for the economic, social and cultural benefit of Birmingham and beyond. 
At the same time, UAB IT is striving to be more transparent in its interaction with UAB customers and IT professionals across campus. The SPARK initiative invites faculty, staff and students to share their technology ideas and vote on the ideas of others. The reThink Project will change how UAB IT interacts with its customers, and IT professionals in other departments and schools will be invited to participate in the project. And the UAB IT Financial Transparency and Accountability Project will give IT customers a better understanding of their IT costs.
UAB IT is actively working to migrate servers across campus that are using Microsoft Windows Server 2003, which will reach end of life after July 14, 2015, meaning it will be unsupported by Microsoft.

Servers that are not migrated could cause problems with compliance and compatibility as well as increase costs for maintaining aging hardware.

To facilitate this transition, the UAB Enterprise Information Security Office (EISO) is actively working with Windows Server 2003 system owners to ensure a plan is in-place and actively being worked to migrate or retire affected systems.

If your department has affected servers, you should hear from UAB IT staff soon. If you have questions or concerns, call (205) 975-0842 or email datasecurity@uab.edu.

You can request an exception by filling out the Exception Request Form and submitting to AskIT.
UAB IT took advantage of an unexpected service interruption earlier this month to upgrade the servers that support several campus systems, including eLAS and LMS.

This upgrade improved system performance and strengthened security.

These technical changes did result in a new URL for several services, so users may need to update their bookmarks. Affected systems included eLAS (the Electronic Leave Accrual System for monthly employees); the LMS (the learning system for faculty and staff); Sponsored Access to Accounting Systems (SASS); Benevolent Fund; and State Transparency (UAB Expenditure Transactions).

UAB IT recommends that users bookmark the Administrative Systems page to ensure seamless log in to key systems and to receive alerts and messages.

UAB systems including eLAS and the LMS are back online. 

Systems that were affected by the outage included: the Electronic Leave Accrual System (eLAS), the web application in which monthly employees track time off; the faculty and staff Learning System (LMS); Sponsored Access; STREP; Benevolent Fund; and Temp Services.

Users with bookmarks to those apps will need to update those bookmarks on their browsers. Applications can be accessed from the UAB IT home page or the Administrative Systems page.
A wave of phishing e-mails using false messages about mailbox size has hit UAB, mainly targeting student accounts in an attempt to steal personal information.

The emails warn that recipients’ mailboxes are “almost full” or have reached “90% of your quote,” and urge recipients to click a link to re-validate their mailboxes. UAB will never direct users to a non-UAB web site for anything regarding email or concerning your password.
Phish1Phish2
UAB IT is taking steps to block this phishing attempt, but students, faculty and staff should be on alert.

If you receive an email with a hidden link like “Click Here,” do the hover test. Hover your mouse over the link and look at the lower left pane to see where the link leads.

Look at the URL of the website you are visiting. In the case of this phish you are being redirected to www.didrihsons  .lv/wp-content/wps4/  and not uab.edu.

You should only enter your UAB credentials at UAB .edu web sites.

To report suspected spam to AskIT, please follow the instructions here

Follow these additional tips to avoid being a phishing victim:

  • Do NOT click links in messages that ask you to log in. Type a trusted Web address in your browser or Google for the Web site if you don’t know the address.
  • Never type personal, sensitive information (such as passwords or account numbers) on Web sites without verifying the Web site’s authenticity and security — look for an “https” in the address bar.
  • Verify the address. Malicious web sites may look identical to a legitimate site, but the address may use a variation in spelling or a different domain (.com vs. .edu).
  • Misspellings and grammatical errors can be a dead giveaway in phishing emails and subject lines.
  • If you are unsure whether a request is legitimate, contact the company directly. Do NOT use contact information provided in the request.
  • Don’t open attachments. They may contain viruses or malware that can infect your computer.
  • Protect your password. Information security and IT officials at both the university and UAB Hospital will never ask users for passwords or any other sensitive information.
  • Report suspicious activity. If you have any questions or you receive a suspicious email that you want to report, university employees and students can call the AskIT Help Desk at 205-996-5555. Hospital employees can call the HSIS Help Desk at 205-934-8888.
UAB IT wants to crowdsource innovation.

SPARK, a new platform through which UAB faculty, staff and students can submit ideas about technology and vote on the ideas of others, launches this week. The platform, accessed via BlazerID, will allow the UAB community to propose new bold technology projects, as well as suggest efficiencies, enhancements or improvements in existing projects.

“Our intent is to create a voice for you,” said Dr. Curt Carver, UAB chief information officer and vice president of information technology. “We’re looking for 100 IT ‘wins’ over the next year, and we want to leverage the ideas of the UAB community to make our University stronger. This is an opportunity for you to share your ideas, and for us to align those ideas with the needs of a world-class organization.”

Here’s how the new platform works: When you log in to the SPARK site with your BlazerID, you can explore the ideas already submitted and vote on whether you think they are needed for UAB, or you can submit your own idea for one of four campaigns: cost savings and efficiency, existing service enhancements, bold new ideas or revenue generation.

Ideas can be large or small, and those that attract the most support are more likely to be adopted.

To learn more about SPARK and watch a brief video about it, click here.

To enter the SPARK site and submit an idea or vote on others, click here.
Some UAB students have been targets of a phone scam in which malicious callers make threats about alleged debt, similar to scams seen at universities across the country.

According to UAB IT’s Information Security division, students need to know:

  • No law enforcement body will call them and threaten to arrest them over the phone.
  • The attackers can spoof the police station phone number so the call will look like it is coming from the police station.
  • UAB has not suffered a breach that resulted in this scam.

Tips:

  • Ask to call the “officer” back, take down their number and call the number back.
  • Ask them to meet you at the police station in question.
  • When in doubt, hang up and call the UAB Police Department at 205-934-4434.
  • Do NOT provide Social Security numbers, birth dates or any other personal information.
kurt carver webCurtis A. Carver Jr., Ph.D., has been named the next vice president of Information Technology/chief information officer of the University of Alabama at Birmingham. Carver comes to UAB from the Board of Regents of the University System of Georgia, where he served as vice chancellor and chief information officer.

In his new role, Carver will serve as the senior IT leader at UAB, provide the strategic management and vision to guide the future direction of IT in support of the administrative, academic and research missions of UAB, and oversee the central IT organization in collaboration with the Health System Information Systems unit.

The VP IT/CIO reports directly to UAB President Ray L. Watts.

“Dr. Carver has a terrific background and reputation, and we are thrilled that he will be joining UAB,” Watts said. “This position is vitally important because IT touches all areas of the institution, and I want to thank the search committee that worked diligently to lead a national search and identify fantastic candidates. Dr. Carver is a great fit for UAB.”

Carver, who will lead development of a transparent, high-performing central IT organization with a culture of providing first-rate customer service and implementing reliable, state-of-the art technologies, is looking forward to moving to his transition.

Click here to learn more about Carver.
OpenSSL released a security advisory bulletin on Thursday, March 19, detailing multiple high and moderate severity vulnerabilities in the secure sockets layer library used in Linux and Unix based systems.

The security vulnerabilities have been addressed in the most recent version of OpenSSL and should be available from the standard update channels for Linux distributions at this time. UAB IT encourages all Linux and Unix systems administrators take steps to update their systems during their planned update windows in upcoming weeks. 

More information is available at:

https://openssl.org/  and

http://www.cyberciti.biz/faq/howto-openssl-security-update-cve20150291-cve20150204-cve20150290-cve20150207-cve20150286/