Now Viewing Information for: Employees
Show me information for Students
Mercer's IT department provides Security Updates to ensure our faculty, staff, and students are protected from computer security breaches and vulnerabilities. We have also compiled a list of security best practices to help you help yourself. By familiarizing yourself with - and acting on - the information on this page, you will go a long way towards ensuring you don't become a victim of identity theft or suffer a catastrophic loss of data. We urge all Mercer employees and students to follow the security best practices outlined here.

Security Updates
Title
Date Released
WannaCry Ransomware Friday, May 12, 2017
Bash (Shellshock) Vulnerability Friday, September 25, 2014
Internet Explorer Vulnerability Wednesday, April 30, 2014
Heartbleed Vulnerability Wednesday, April 16, 2014

WannaCry Ransomware

As you may have heard through news outlets, a new form of ransomware named WannaCry is currently spreading through computers around the world. This infection can be spread through spam emails containing infected attachments.

As always, we highly encourage you to protect yourself and your data by being especially cautious when opening emails or attachments from unfamiliar sources, especially if these emails are related to job offers, invoices, or prescription drugs. At this time, no Mercer computers have been affected, and your caution is appreciated. If you have any reason to doubt the authenticity of an email, contact the IT Help Desk.


Bash (Shellshock) Vulnerability

Recently, a new security vulnerability affecting the Mac OS X, Linux, and Unix operating systems was discovered. The vulnerability has been named Shellshock, and allows an attacker to remotely execute commands. Apple is aware of the vulnerability and is working quickly to provide a software update for OS X. According to Apple, unless a user configures advanced UNIX services on a Mac, the system is not at risk. A fix has already been provided for Linux operating systems via normal update methods. Microsoft Windows is not affected by this vulnerability. Additional details regarding the impact can be found here.


Internet Explorer Vulnerability

Microsoft announced a security vulnerability affecting all supported versions of Internet Explorer, to include versions 6 through 11. If exploited, this vulnerability could allow remote attackers to gain control of a user's computer. Mercer’s IT department has taken every precaution to prevent the attack from affecting Mercer systems; however, we recommend you take additional precautions until Microsoft releases a patch. We recommend that you only use Internet Explorer for trusted sites. For general Internet use, we recommend the Firefox browser, which should already be installed on your Mercer computer. Mac users are not affected by this issue.

This advisory is also being provided as a courtesy for you as your personal computer systems may not have the protections we have in place at Mercer. Follow the steps below to mitigate the risks to your personal computer:

  1. Keep Windows Updates current.
  2. Keep Adobe Flash Updates current.
  3. Run Internet Explorer in “Enhanced Protected Mode” configuration and 64-bit process mode, which is available for IE10 and IE11 in the Internet Options settings:


Additional Information

Micrsoft Security Advisor


Heartbleed Vulnerability

On Monday, April 7th the Internet community became aware of a security flaw in a very common technology used to secure communication between clients and servers. The flaw has been named Heartbleed, and it allows malicious attackers to read network traffic that was thought to have been securely encrypted. Many websites have already patched the security flaw, but some still remain vulnerable. CNET has created a website to check the vulnerability status of many popular websites, and if a site you use frequently is not listed on this page, the Qualys SSL Labs website will allow you to check the status of any web address. Although Mercer's systems have not been affected by this vulnerability, we urge all Mercer employees and students to follow these Security Best Practices guidelines.














helpdesk@mercer.edu
(478) 301-2922 . (678) 547-6310