Information Technology Services

Security Alert

IE Security Flaw


The U.S. Computer Emergency Readiness Team (CERT) is advising that those using Internet Explorer temporarily use a different browser (Firefox or Chrome) until this latest vulnerability is patched. We understand that certain Union College sites and affiliated sites may require the use of Internet Explorer, please limit your use of Internet Explorer to these sites. All other web browsing should be done with Firefox or Chrome as visiting an infected site would allow malicious users to install malware and potentially steal personal data, track online behavior, or gain control of the computer.

For more information about this flaw, please see this article or read the US-Cert bulletin.

If you require assistance or have any questions, please contact the ITS Help Desk (call (518) 388-6400 or email

Heartbleed Computer Vulnerability

Security researchers have discovered a vulnerability, named the Heartbleed bug, in many online encryption systems used around the world (OpenSSL encryption). This vulnerability affects the security of servers which handle encryption between computers, like when you connect using https to banking websites and a majority of websites where you are using passwords and private data. The Heartbleed bug allows an attacker to capture usernames, passwords, credit card information and other sensitive data at risk. Sites that may be affected are marked by the small closed padlock and the “https” in the web address.

As of Monday, April 7, ITS has patched all major Union web services impacted by the “Heartbleed” bug. We have no evidence at this time that Union College has been compromised.

We recommend the following to members of the Union College community:

1. Avoid clicking links found in unusual or unexpected emails that ask recipients to reset their password or otherwise reveal personal information.

2. Consider changing your online passwords at Union College and elsewhere, especially at banks and commercial sites, early next week. Waiting a few days gives the external sites time to fix the vulnerability. Changing your passwords is critical if you use the same password for you Union College email account and other services.

3. Apply the latest security updates to your home computer as well as your mobile devices.

Please refer to for the status of mainstream websites and what consumers should do regarding accounts at these sites.

Please refer to for more information regarding the Heartbleed bug.

If you require assistance or have any questions, please contact the ITS Help Desk (call (518) 388-6400 or email Please check our website for the latest information.