A.Eric@GSB-HOW.STANFORD.EDU (Eric M. Berg) (04/06/88)
I just logged into DSIN (the "Digital Software Information Network", or words to that effect), and there is a new FLASH message under the VMS product category entitled "Important Security Announcement - April 1988". The cover letter for the MANDATORY UPDATE being distrbuted states that >> DIGITAL has recently found and developed solutions to potential >> security exposures in the following versions of MicroVMS and VMS: >> [it then lists *all* current versions of VMS and MicroVMS, from >> 4.3 to 4.7] The cover letter continues: >> A security update is enclosed in this package. This update is vital >> to maintaining your system security. If you choose not to install >> this security update, you may be leaving your VMS systems at risk of >> unauthorized use. This is definitely a *new* security problem/patch, not the one which was distributed last Spring/Summer. That was a patch for versions 4.4 and 4.5, which was made unncessary by version 4.6; this applies to essentially ALL of the 4.x versions, including 4.6 and 4.7. It also must be REinstalled each time a new version of VMS is installed (e.g. when upgrading from 4.6 to 4.7). Please don't contact me for more information, since I don't have any. (I haven't received my tape yet.) "Contact your local Digital representative." Eric M. Berg Computer Facility Graduate School of Business Stanford University -------