Blog from March, 2019

The commons server was down for another hour on Sunday, April 7th starting at 8PM while the Confluence software was upgraded again to fix performance issues.

----

The commons.lbl.gov server was down for ~1 Hour on Friday, April 5th starting at 6PM while the Confluence software was being upgraded to a newer version which contains a bugfix for the following security vulnerability:
https://confluence.atlassian.com/doc/confluence-security-advisory-2019-03-20-966660264.html

The WebDAV Plugin and Widget Connector and Office Connector Add-ons have been re-enabled.

The IT User Support Group would like to notify all Asus users to update their computers as soon as possible.

Asus recently announced the need to patch their computers due to potential “ShadowHammer” malware, see http://go.lbl.gov/AsusShadowHammer. Asus Live Update servers were hacked and malicious code was implanted in their servers. It has been cited that at least 1 million downloads of the malicious code were distributed and hundreds of thousands of installs have been executed.

Asus has a diagnostic tool to determine if you have been infected. Further details are explained on the company’s website, http://go.lbl.gov/AsusLiveUpdateNews. Please take action and protect your computers and your work.

Additional methods to protect your systems:

• Install a backup application like Druva inSync to protect your data if a rebuild is in order

• Download and install BigFix so IT User Support can identify if you have been infected

If you desire support, please Request Help.

For Elements Visitors: Apologies for the wrong link in the Oct 26 Elements.  

The correct link to the October 2020 vulnerability information is here: Update Chrome Now

In early March Google confirmed a serious Chrome security issue. This security vulnerability is a memory management error that can enable the execution of malicious code on a user’s computer, see Google reveals Chrome zero-day active attacks.

IT recommends that users immediately update Chrome by restarting it. Users should verify they are running at least version 72.3.3626.121. The current version is 73.0.3683.86. For your reference Google provides Chrome update instructions here.

Thanks to BigFix, the IT Workstation Support Group will be distributing a communication to users who still have the vulnerability. If you wish to receive proactive communications regarding the health of your computer, you can Download BigFix and install it. If you have further questions about BigFix, please Request Help.

Lab IT has released Microsoft’s latest update to Windows 10, version 1809 (see What’s new in Windows 10, version 1809 for IT Pros). This update is recommended for all Windows 10 users.

• Installing this update will require a couple of reboots, so be prepared for it to take some time.

• During the update installation, users will see progress updates with messages such as:

• Preparing to update…..

• Downloading…..

• Installing Update…..

• This entire process can take up to an hour, but you can continue to work during this time.

• Windows will notify you that you need to reboot. The reboot can take up to 15-20 minutes to complete, so you may want to choose the option to schedule the reboot for later.

• After the initial reboot, Windows will automatically reboot a couple of times as part of the update process.

If you want to install this update now, please follow the directions at Get the Windows 10 October 2018 Update.

For general information regarding Windows updates, see Microsoft’s site, Update Windows 10.

Remember: always keep your operating system up to date, your applications patched, and your system rebooted at least once a week!