Student IT Site
Mercer's IT department provides Security Updates to ensure our faculty, staff, and students are protected from computer security breaches and vulnerabilities. We have also compiled a list of security best practices to help you help yourself. By familiarizing yourself with - and acting on - the information on this page, you will go a long way towards ensuring you don't become a victim of identity theft or suffer a catastrophic loss of data. We urge all Mercer employees and students to follow the security best practices outlined here.

Security Updates
Title
Date Released
Bash (Shellshock) Vulnerability Friday, September 25, 2014
Internet Explorer Vulnerability Wednesday, April 30, 2014
Heartbleed Vulnerability Wednesday, April 16, 2014

Bash (Shellshock) Vulnerability

Recently, a new security vulnerability affecting the Mac OS X, Linux, and Unix operating systems was discovered. The vulnerability has been named Shellshock, and allows an attacker to remotely execute commands. Apple is aware of the vulnerability and is working quickly to provide a software update for OS X. According to Apple, unless a user configures advanced UNIX services on a Mac, the system is not at risk. A fix has already been provided for Linux operating systems via normal update methods. Microsoft Windows is not affected by this vulnerability. Additional details regarding the impact can be found here.


Internet Explorer Vulnerability

Microsoft announced a security vulnerability affecting all supported versions of Internet Explorer, to include versions 6 through 11. If exploited, this vulnerability could allow remote attackers to gain control of a user's computer. Mercer’s IT department has taken every precaution to prevent the attack from affecting Mercer systems; however, we recommend you take additional precautions until Microsoft releases a patch. We recommend that you only use Internet Explorer for trusted sites only. For general Internet use, we recommend the Firefox or Chrome browsers. Mac users are not affected by this issue.

This advisory is also being provided as a courtesy for you as your personal computer systems may not have the protections we have in place at Mercer. Follow the steps below to mitigate the risks to your personal computer:

  1. Keep Windows Updates current.
  2. Keep Adobe Flash Updates current.
  3. Run Internet Explorer in “Enhanced Protected Mode” configuration and 64-bit process mode, which is available for IE10 and IE11 in the Internet Options settings:


Additional Information

Micrsoft Security Advisor


Heartbleed Vulnerability

On Monday, April 7th the Internet community became aware of a security flaw in a very common technology used to secure communication between clients and servers. The flaw has been named Heartbleed, and it allows malicious attackers to read network traffic that was thought to have been securely encrypted. Many websites have already patched the security flaw, but some still remain vulnerable. CNET has created a website to check the vulnerability status of many popular websites, and if a site you use frequently is not listed on this page, the Qualys SSL Labs website will allow you to check the status of any web address. Although Mercer's systems have not been affected by this vulnerability, we urge all Mercer employees and students to follow these Security Best Practices guidelines.











Mercer University
(478) 301-7000 . (678) 547-8989
helpdesk@mercer.edu