To: All Users

As informed by the Cybersecurity Incident Alert and Response Centre (CARIC), Microsoft have recently released its October security update notice, there is 117 vulnerability updates this time.

The updates this time mainly cover the following components: Windows and Windows Components, Microsoft Office and Office Components, Microsoft Management Console, Hyper-V, Azure, Visual Studio and Power BI products vulnerabilities.

Details of the vulnerabilities: 

• Microsoft Management Console Remote Code Execution Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-43572

• Windows MSHTML Platform Spoofing Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-43573

• Winlogon Elevation of Privilege Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43583

• Microsoft Windows Update Remote Code Execution Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20659

• Microsoft Configuration Manager Remote Code Execution Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43468

For more details about Microsoft October Updates, please refer to: https://msrc.microsoft.com/update-guide/releaseNote/2024-Oct

If the relevant affected products are used, please install the security updates released by Microsoft as soon as possible. 

Reference

• How to download and install software in a secure manner?
• Basic Knowledge of Online Safety and Security
• Other Information Security Tips

Should you have any enquiries, please feel free to contact ICTO Help Desk.

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office

To: All Users

In today’s digital age, protection of personal data is becoming more important. Identity theft can lead to financial loss, reputational damage, and even legal liability. Therefore, we must take appropriate measures to protect personal data and avoid identity theft. At the same time, it is equally important to protect others’ identities to prevent yourself and others from unnecessary losses and troubles. Here are some effective tips:

1. Encrypt data and timely erase unused data:
   • Ensure confidential data is handled as required by the “Guidelines for Handling Confidential Information”.
2. Transmit and share data carefully:
   • Before sending/replying/forwarding an email, please review the recipients’ email addresses, email content, attachments and ensure they are correct. Besides, when you share the data through computer systems, please check if the system permissions are set correctly.
3. Enable 2FA and use strong passwords:
   • Use Two-Factor Authentication (2FA) and strong passwords, and set different passwords for different accounts.
4. Update systems and enable anti-virus software:
   • Keep operating systems, browsers, and software updated, enable real-time protection, and regularly scan with anti-virus software.
5. Be cautious when using public WiFi and computers:
   • Please assume that public WiFi and computers are not secure. Avoid handling personal data or conducting banking transactions when connecting to public networks or using public computers.

Moreover, beware of phishing scams. Not only money, personal data is also one of the targets of the scammers. Please be vigilant.

Should you have any enquiries, please feel free to contact ICTO Help Desk.

Reference:

• Guidelines for Sending Mass Email and Using Email Group
• Two-Factor Authentication (2FA)
• How to choose a strong password?
• Home use antivirus software Information
• Basic Knowledge of Online Safety and Security

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office

To: All Users

As informed by the Cybersecurity Incident Alert and Response Centre (CARIC), Microsoft have recently released its September security update notice, there is 79 vulnerability updates this time.

The updates this time mainly cover the following components: Windows and Windows Components, Microsoft Office and Office Components, SQL Server, Microsoft Dynamics, Hyper-V and Azure products vulnerabilities.

Details of the vulnerabilities: 

• Windows Installer Privilege Elevation Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38014

• Windows Mark of the Web Security Feature Bypass Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38217

• Microsoft Publisher Security Feature Bypass Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38226

• Microsoft Windows Update Remote Code Execution Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43491

• Microsoft SharePoint Server Remote Code Execution Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43464
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38018

• Windows Address Translation (NAT) Remote Code Execution Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38119

For more details about Microsoft September Updates, please refer to: https://msrc.microsoft.com/update-guide/releaseNote/2024-Sep

If the relevant affected products are used, please install the security updates released by Microsoft as soon as possible. 

Reference

• How to download and install software in a secure manner?
• Basic Knowledge of Online Safety and Security
• Other Information Security Tips

Should you have any enquiries, please feel free to contact ICTO Help Desk.

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office

To: All Users

As informed by the Cybersecurity Incident Alert and Response Centre (CARIC), Google have recently issued security vulnerability about Chrome browser.  This vulnerability is widely exploited.

• Please update to Google Chrome version 128.0.6613.84 (Windows/ Linux) or later, 128.0.6613.85 (Mac) or later

For more details, please refer to: https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html

Steps to update Google Chrome browser

• Open your Google Chrome browser on your desktop.
• Click the three vertical dots in the upper right corner to open the dropdown menu.
• Select “Settings“.
• Click “About Chrome” on the left-hand sidebar.
• Chrome will automatically check for updates or you can click the button “Update Google Chrome”.
• Restart the Chrome.

Reference

• How to download and install software in a secure manner?
• Basic Knowledge of Online Safety and Security
• Other Information Security Tips

Should you have any enquiries, please feel free to contact ICTO Help Desk.

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office

To: All Users

No matter where we are, cybersecurity is an important issue that cannot be ignored.

Here are some cybersecurity tips:

1. Update the software on your mobile devices, including antivirus software, as these updates often contain security fixes.
2. Use strong passwords and avoid using passwords that are easy to guess.
3. Enable multi-factor authentication services to protect your accounts.
4. Backup your data completely before travel.
5. Enable anti-theft and remote data destruction features on your mobile devices.
6. Disable automatic Wi-Fi and Bluetooth connections on your mobile devices.
7. Be cautious when using public Wi-Fi or public computer, avoid entering passwords or confidential information on these systems.
8. If you need to access UM internal information through public Wi-Fi, please use a VPN.
9. Be aware of your surroundings and pay attention to where and how you use your devices.
10. Protect your mobile devices, never leave them in public places, and enable encryption features, including USB or external storage devices.

Please be reminded that online safety is just as important as physical safety when you are out. Let’s make cybersecurity a habit in your daily lives, stay safe, protect yourself and have a joyful trip!

Reference

• How to choose a strong password?
• Protect Your Digital Assets: A Guide for Data Backup
• Two-Factor Authentication (2FA)
• SSL VPN

Should you have any enquiries, please feel free to contact ICTO Help Desk.

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office

To: All Users

As informed by the Cybersecurity Incident Alert and Response Centre (CARIC), OpenSSH have recently issued remote code execution vulnerability about its products.  A remote attacker can exploit this vulnerability to trigger remote execute arbitrary code and bypass security restrictions. Furthermore, this vulnerability is widely exploited.

Affected products are: OpenSSH < 4.4p1 and 8.5p1 <= OpenSSH < 9.8p1

If the relevant affected products are used, users must install security updates that is officially released by OpenSSH as soon as possible.

For more details, please refer to: 
https://www.openssh.com/releasenotes.html
https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt

Reference

• How to download and install software in a secure manner?
• Basic Knowledge of Online Safety and Security
• Other Information Security Tips

Should you have any enquiries, please feel free to contact ICTO Help Desk.

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office

To: All Users

Beware of the email invitation sent by organizations such as Medical Research Archives or European Society of Medicine, etc. Although their invitation is seemingly cordial, attention should be paid to its predatory business practices involving significant publication fees (https://esmed.org/author-center), and submitting research papers to them or speaking at their annual meetings may result in loss of money or time.

As reported by Flaky Academic Conferences website (https://flakyc.blogspot.com/2020/11/european-society-of-medicine-esmed.html). The website notes that it is not entirely clear what the European Society of Medicine is. It may be a product of the alleged predatory publisher Knowledge Enterprises, Inc. (KEI).

Below is further information and related discussion for your reference:

• More in-depth discussion in the ResearchGate related discussion forum (https://www.researchgate.net/post/European_Society_of_Medicine)
• Beall’s List of potentially predatory open access publishers (https://beallslist.net)
• ThinkCheckSubmit website also provides additional advice on choosing a trustworthy publishing platform (https://thinkchecksubmit.org)

Sample of the emails:

Should you have any enquiries, please feel free to contact ICTO Help Desk.

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office

To: All Users

The Cybersecurity Incident Alert and Response Centre (CARIC) was informed that hackers have been sending phishing emails to various operators with the subject “Infringing Copyright or Violating Legal Regulations” to deceive users to download and open crypto ransomware virus.

The mentioned email accuses the website content of recipient’s organization, involving copyright infringement or violation of laws and regulations, and requires the recipient to click on the link provided as below in the email:

to download a compressed file with the “.rar” to understand the specific situation and remove the infringing content, otherwise legal action will be taken against the recipient, and the decompression password is provided in the email. After the analysis by CARIC, the compressed file contains an executable program that may download and install crypto ransomware once executed. Once infected, the computer of the victims may be subjected to ransomware encryption, remote control, information leakage and other hazards.

Suggestions:

• If you receive similar email, do not download or open any files, and immediately notify ICTO Helpdesk for follow up;
• Ensure the antivirus software is installed and virus definition files are regularly updated;
• Do not open suspicious email attachments or links, and do not enter important information such as account passwords on suspicious websites.

Sample of the malicious email:

Should you have any enquiries, please feel free to contact ICTO Help Desk.

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office