New Windows exploit hitting campus

Malicious code that exploits a recently announced vulnerability in Microsoft Windows' handling of animated cursors has hit the K-State campus. Fortunately, Trend Micro security software catches at least some variants of this exploit (identified as TROJ_ANICMOO.AX) and has prevented infection on 18 computers as of Tuesday morning, April 3. However, three other K-State computers exhibited behavior over the weekend symptomatic of a compromise, so the exploit still appears to be a threat.

Today, Microsoft released a patch to fix this vulnerability, so all K-Staters are urged to:

1. Make sure their computers received the patch, AND
2. Reboot their computers after the patch is applied in order for it to take effect.

The patch is being distributed automatically through Microsoft's SUS and WSUS services, or K-Staters can manually run Windows Update. Talk to IT support staff to see which method applies to your computer.

Infections occur when a user visits a malicious website or opens a malicious HTML-formatted e-mail message (and in some cases, just previews the malicious message). To prevent infection:

• Make sure your antivirus software is up-to-date.
• Apply the patch released by Microsoft on Tuesday, April 3.
• Do not visit websites you cannot trust.
• If you use Internet Explorer 7 in Windows Vista, make sure it is running in "protected mode".
• Read e-mail in plain text rather than HTML (not readily available in all e-mail clients).

CTS network staff are also investigating a method to block this exploit at the border of the campus network to help prevent more infections.

More information is available:

• SANS Internet Storm Center's description of the vulnerability
• Microsoft Security blog about the upcoming patch
• SANS Internet Storm Center's list of domains and IP addresses involved in the exploit
• McAfee video showing Windows Vista problems caused by the exploit

University computing labs, InfoCommons get new website

On Feb. 23, a new website went live for the central university computing labs and the K-State InfoCommons. K-State web developers should update their links to the old labs site (lan.cns.ksu.edu/labs) and the former K-State InfoCommons site (infocommons.k-state.edu) to point to the new site at www.k-state.edu/infotech/labs. The consolidated website contains:

• Up-to-date labs and InfoCommons data
• The newer K-State webpage templates
• A streamlined design with more data on the homepage

For assistance with the labs and InfoCommons facilities or to report equipment problems, contact the IT Help Desk, 785-532-7722, helpdesk@k-state.edu.

K-State Survey System becomes Axio Survey

The newest version of the K-State Survey System, now called Axio Survey, was released the last week of March. Along with the name change, new features have been added, the purple background has been updated to a neutral color scheme, and the sign-in page has changed. The official website will continue to be survey.k-state.edu.

Surveys that you are currently creating or that you have created are still available in the new version. Surveys that you had "hidden" are now listed because the hiding feature is no longer available.

In addition to the neutral color scheme, you can move surveys to the top of your survey list by clicking the green plus sign (+) to the left of the survey name. The green plus will change to a yellow star once the survey has moved. To remove it from the top, click the yellow star. You also can expand or collapse the offerings listed for each survey, allowing you to control the amount of space each survey uses.

New features of Axio Survey include an HTML editor for all text boxes, additional report statistics, the ability to label your pages with page headers, semantic differential question type, and the ability to share your survey with other Axio Survey administrators. Shared surveys are co-owned, meaning whomever you share your survey with can now edit, offer, and even delete the survey. If you want to share a survey but do not want to run the risk of deletion or mistaken edits, share your survey, have the other user make a copy of it, and then you can un-share the original survey with them.

The sign-in page for Axio Survey looks exactly like the sign-in page for K-State Online. This change was made to improve integration with K-State Online. To access, use your eID and password. For more information, contact the Office of Mediated Education at info@surveys.k-state.edu.

Last TechBytes April 4: Adobe software presentations

The TechBytes series will wind up the spring semester with three presentations Wednesday, April 4, in Hale Library on the new features and products offered by Adobe. An Adobe rep will be on hand to discuss Creative Suite 3 (which includes Photoshop and Illustrator), Connect (for Internet conferencing), and more.

• 10 a.m., Hale 301A -- Discussion of new Adobe software releases
• 1:15-2:45 p.m., Hale 501 -- Creative Suite 3 Overview
• 3:30-4:30 p.m., Hale 501 -- Acrobat 8

The afternoon sessions will feature remote connections with an Adobe expert, using Adobe's Connect software. K-Staters who can't attend the sessions in Hale 501 (Hemisphere Room) can connect remotely to the sessions from their own workstation. Those interested in doing so should e-mail cathyr@k-state.edu by 9 a.m. Wednesday for instructions.

Reminder: Electronic Grade Submission training starts next week

Electronic Grade Submission system training begins next week. Instructors who want to use the system to submit their full-semester final grades this spring, including anyone designated by instructors to submit grades on their behalf, and who have not previously completed training, must attend an instructor-led session or complete the online tutorial before noon May 4. The online tutorial will be available beginning April 9, and the first instructor-led orientation session will be 9:30 a.m. Tuesday, April 10, in K-State Student Union, Room 206. See the Electronic Grade Submission training page for details.

Google Search Appliance presentation May 2

In July 2006, the K-State Libraries acquired a Google Search Appliance. A presentation is scheduled 3-4 p.m. Wednesday, May 2, in Hale Library's Hemisphere Room, 5th floor to get to know the appliance, see what K-State Libraries is currently doing with it, and learn about its capabilities.

As something of an enticement, in addition to indexing the various library web servers (both local-mounted and remote-hosted), the search appliance has indexed the vast majority of web servers on the K-State campus, although that index is not currently in public release.

Input requested on proposed data-classification policy

The proposed Data Classification and Security Policy and Standards is now available for review and comment. As stated in the purpose section, "Data and information are important assets of the university and must be protected from loss of integrity, confidentiality, or availability in compliance with university policy and guidelines, Board of Regents policy, and state and federal laws. A data classification system serves as a foundation for protecting university data assets."

The Vice Provost for Academic Services and Technology is seeking university-wide input on this proposed policy. Please review it and provide feedback by May 11.

Security tip: Beware of malicious IE7-update hoax

Malicious e-mails and websites emerged late last week that try to trick people into installing malware by advising them to "upgrade to IE 7.0 beta 2". The e-mail comes from "admin@microsoft.com" with a subject of "Internet Explorer 7 Downloads". The messages and websites show the following authentic-looking image that, if you click on it, will download and run a malicious file named "ie7.0.exe" or "DirectX-10.exe" that will compromise your computer.

IT by the numbers: Vista PCs with Trend Micro; IT softball stats

35 = Number of personally-owned Windows Vista computers that the IT Help Desk has installed Trend Micro antivirus software on as of Monday, April 2.

Softball stats: April 2 marks the beginning of play for the all-IT intramural team, The Office. The team won its first game 32-2. Greg Dressman hit a home run. Pitcher Anthony Cobb allowed only one walk.

Archive
Subscribe
Search archive
Send news

News items received after Monday noon are not guaranteed to be published until the following week.

Managing editor
     Betsy Edwards
Associate editor
     Aimee Hagedorn
Executive editor
     Rebecca Gould

AJAX (or Ajax)   is short for "Asynchronous JavaScript and XML...a web development technique for creating interactive web applications." --Wikipedia

Popular IT

IT events
and deadlines

February-April
Free, walk-in training for all K-Staters on introductions to Dreamweaver MX, InDesign, iMovie, Photoshop.
213 Hale Library

April 4 (Wed)
TechBytes: Adobe rep presentations.
10 a.m. New software releases, Hale 301A.
1:15 p.m. CS3 workshop, Hale 501.
3:30 p.m. Acrobat 8 workshop, Hale 501

April 6 (Fri)
SIRT Roundtable: "Encryption on mobile devices (from SIRT recommendations)". Open to all K-Staters. 9:15-10:30 a.m. Union 213.

April 9 (Mon)
Electronic Grade Submission online tutorial opens.

April 10-May 4
Electronic Grade Submission instructor-led orientation sessions.

April 19 (Thu)
IDT Roundtable: "Creating and Using Digital Learning Objects (LOs)". 11 a.m.-12:30 p.m. Union 212

May 2 (Wed)
Google Search Appliance presentation. 3-4 p.m. Hale 501

May 23-24
Kansas CHECK conference

Fall 2007
Masters students will be required to submit theses and reports electronically.

Highlighting a student in the Gradebook. When your Gradebook has a large number of students and assignments, and it becomes longer and wider than your screen, scoring assignments can be challenging. Typically this is because your students' names on the right have scrolled off the screen.

One way to overcome this challenge is to highlight a student/row all the way across the Gradebook. To do this, type the student's name into the Find student box in the Gradebook, and that student's row in the Gradebook will be highlighted.

Why did I lose access to the Survey System?

Axio Survey was released March 28, and while it has a new look and new features, it also is more tightly integrated with K-State Online. Depending on your status in K-State Online, you may receive the error message "Access Denied" when attempting to sign in to Axio Survey (formerly known as the K-State Survey System) and will need to contact the IT Help Desk to regain access to your surveys. Your account has not been deleted, just temporarily disabled. We apologize for any confusion and concern this has caused.

K-State Libraries use RSS feeds to list new books

New books, CDs, DVDs, and other curriculum materials are constantly coming into K-State Libraries. But have you ever wanted to know exactly what new "stuff" has arrived? Like every week? Now you can!

On Monday, April 2, the Libraries rolled out a New Books RSS Feeds service. These RSS feeds have been created for many subject areas and shelving locations. For example, you can subscribe to feeds containing new items about Computer Science or Hospitality. Or, you can access new items located in Juvenile Literature, Leisure Reading, or Curriculum Materials.

How to subscribe

Subscribe to these feeds using the Feeds page's Subscribe feature and your favorite RSS reader. Easy readers to get you started are Bloglines or FeedReader. This is the best way to receive weekly updates on new items in your areas of interest.

Other options

• Don't want to set up a feed reader? Just want to browse? OK! You can view a list of new items in your web browser. You'll see the same content that would appear in a feed reader, but you don't have to subscribe or use another piece of software. This is the best way to get a quick glimpse of new items in a particular field. Take a peek at new Anthropology items without commitment!
• Not satisfied with the available feed choices? Define your own special interests and request a custom feed. This service comes with a caveat -- your interests must be categorized in the Library of Congress Classification System. Due to the vagaries of this system, a feed may not always be available for you, but please ask.
  
  How could you use this service? For example, a faculty member recently requested a custom feed containing only German items. That interest was defined in the Library of Congress class "PT" to create the feed. The faculty member now has a fast track to new items in German.
• Can't find the New Books RSS Feeds page? Use the Search Our Site box at the top of the K-State Libraries homepage to skip directly to the Feeds page. Try (without quotes) "new books", "new movies", "new CDs", or "new stuff". These feeds include movies, CDs, and more, not just books. Any of these searches will land you on the page.

K-State Libraries looks forward to your comments and questions as you explore this new service. Call 785-532-3014 or use the Libraries' comments form.