Information Security Office (ISO)
The ISO collaborates with the campus community to protect Carnegie Mellon from and to respond to threats to our electronic information resources and computing and networking infrastructure.
News & Alerts
Security Alert: Critical Vulnerabilities in Java 6 and 7
04/24/2013
Multiple
new security vulnerabilities have been discovered in Java and are being
actively exploited to compromise computers. Oracle has released
new versions of Java 6 and 7 to correct these vulnerabilities. All Java users should update to new
versions as soon as possible. The Information Security Office will continue to
monitor for and block known malicious websites and will also notify users of
vulnerable computers on the campus network.
For information on the security alert and on What You Need To Do, please read the entire security alert message on Critical Vulnerabilities in Jave 6 and 7.
Security Alert: Critical Vulnerabilities in Java 6 and 7
02/04/2013
Multiple new security vulnerabilities have been discovered in Java, one of which is being actively exploited to compromise computers. Oracle has released new versions of Java 6 and 7 to correct these vulnerabilities. All Java users should upgrade as soon as possible. The Information Security Office will continue to monitor for and block known malicious websites and will also be monitoring for and notifying users of vulnerable computers on the campus network.
For information on the security alert and on What You Need To Do, please read the entire security alert message on Critical Vulnerabilities in Java 6 and 7.
Security Alert: Critical Vulnerability in Internet Explorer 6, 7 & 8
01/15/2013
A critical vulnerability has been discovered in Internet Explorer that could be exploited to compromise computers. Microsoft has released a security update to correct this vulnerability. All Microsoft Windows users should run Windows Update to ensure this latest security update is installed. The Information Security Office will continue to monitor for and block known malicious websites that are exploiting this vulnerability.
For information on the security alert and on What You Need To Do, please read the entire security alert message on Critical Vulnerability in Internet Explorer 6, 7 & 8.
Security Alert: Critical Vulnerability in Java 7 (or 1.7)
01/15/2013
A new critical vulnerability in Java is being actively exploited to compromise computers. Oracle has recently released Java 7 Update 11 to correct the issue. All users of Java 7 should upgrade to Java 7 Update 11 as soon as possible. The Information Security Office will continue to monitor for and block known malicious websites as well as monitoring for and notifying users of vulnerable computers on the campus network.
For information on the security alert and on What You Need To Do, please read the entire security alert message on Critical Vulnerability in Java 7 (or 1.7).
