Frequently Asked Questions - ISP Security Notices

Why did I get a Compromised Host / Possibly Compromised System notice and what should I do?

Did you receive an email from security@berkeley.edu with Compromised Host / Possibly Compromised System in the Subject line?

Please see our Respond to a Security Notice page for detailed information and instructions on how to respond.

Why did I get a Vulnerability Detected notice and what should I do?

Did you receive an email from security@berkeley.edu with Vulnerability Detected in the Subject line?

Please see our Respond to a Security Notice page for detailed information and instructions on how to respond.

Why did I get a Credential Exposure notice and what should I do?

Did you receive an email from security@berkeley.edu with Credential Exposure in the Subject line?

Please see our Respond to a Security Notice page for detailed information and instructions on how to respond.

I received a Security Notice saying my operating system is unsupported. How do I know if my operating system is supported?


Security best practices, as well as campus
Minimum Security Standards for Network Devices (MSSND), require the use of supported software for which the vendor will make security updates available in a timely fashion. As vendors are unable to support all previous versions of software, older programs are dropped from support and must be upgraded or removed from the network. It is especially important to be aware of your operating system “end of life”, as major upgrades often require time and planning.

Windows

Microsoft publishes current lifecycle information for Windows operating systems. If your version of Windows is past the date for extended support, or not listed, your operating system is not supported and you must retire the system or upgrade to a supported version of Windows. When planning for department equipment purchases and upgrades, be aware of any upcoming “end of life” dates for your version of Windows.

Mac OS X

While Apple does not officially acknowledge the end of support for Mac OS X operating systems, past experience shows that security updates addressing critical vulnerabilities are only released for the current and one previous version of Mac OS X. When Apple releases security updates for Mac OS X, operating systems with vulnerabilities that are not patched by Apple will be considered unsupported.

Mac OS X users should plan on upgrading their operating systems regularly as Apple releases new versions. We recommend updating to either the latest version, or one previous version, no more than 90 days after a new version is released.

Current list of Mac OS X versions receiving Security Updates from Apple (as of Dec. 6, 2017):

  • Mac OS X 10.11 “El Capitan"
  • Mac OS X 10.12 "Sierra"
  • Mac OS X 10.13 "High Sierra"

A list of current security updates can be found on the Apple Support site:  https://support.apple.com/en-us/HT20122

Other Operating Systems

Check with your vendor to confirm whether or not your version is still under support and receiving security updates for known vulnerabilities. Operating system vendors often publish lifecycle information to assist customers with upgrade planning:

MSSND Exception Requests

If your operating system is not currently supported, and you cannot immediately upgrade to a supported release, you must request a policy exception to keep the machine connected to the campus network. Your request should include details such as:

  • Why you cannot upgrade your current unsupported operating system
  • Timeframe for upgrading or retiring the system
  • Full inventory of software running on the system
  • Expected use of the system including all network use
  • Firewall rules and other security controls mitigating the risk