6/01 - PEAS Self Service Upgrade
The PEAS Self Service application will be unavailable on Thursday, June 1st between 5pm and 7pm to perform a software upgrade
Subject: Action Required: Critical Steps to Protect your Server Systems Against Computer-Related Infections
Applies to: Servers connecting to the Partners network
In an effort to assure clean and stable server systems and various computer-related infections, all Windows and Linux servers connecting to the Partners network must install Trend Deep Security antivirus (version 10.0.2240) and run a full scan.
Instructions to obtain Deep Security installation files and access the console are included in the following Knowledge Base articles.
A reboot will only be required if any infections are detected upon the scan.
Servers managed by Partners IS have been patched and updated with the latest Trend Micro Deep Security antivirus. These instructions are for all other Windows servers. Please follow these steps carefully as they provide instructions the vendor does not.
Pre-requirements for updates
If you have any questions, or need troubleshooting, please contact the IS Service Desk and ask for the “Server-Antivirus Support PHS” assignment queue.
Critical steps to protect against Malware & Ransomware for those who don’t connect to the Partners network regularly
Applies to: Employees working remote, offsite or not connecting to the Partners network regularly
In our efforts to assure clean and stable computers and prevent malware or ransomware infections, we identified that many laptops and desktops have not connected to the Partners network, meaning they have not received important updates.
Follow these steps for all devices used for business purposes connecting to VPN, GoToMyPC, and/or those used to check email and access web-based applications to connect your device to the Partners network as soon as possible.
If you use a Partners standard Windows laptop or desktop (has Partners applications menu and screensaver) that isn’t routinely connected to the Partners network, we need you to connect your device and keep it connected and powered on for at least 2 hours. Please connect in one of three ways:
After you connect for at least two hours, updates will be applied when you reboot your computer.
If you are unable to complete the steps listed above for any reason, contact the IS Service Desk for assistance.
If you use a non-standard Windows or personally-owned device for Partners' business, it is your responsibility to keep your device and software up-to-date. Here are the recommended resources:
If you have any questions, or need troubleshooting, please contact the IS Service Desk.
This alert is to provide additional guidance regarding preventing infection with malware variously named WannaCrypt, WannaCry, WannaCryptor, or Wcry. No changes need be made on Partners standard Windows computers (those with the asset tag, yellow lock and Partners' screensaver).
The following actions need to be taken for any non-standard Windows or personally-owned computer or server running a Windows Operating System:
Additional instructions for each action are outlined below. Contact the IS Service Desk for assistance or questions.
1. Apply the latest Windows updates
Turn on Windows Update for automatic updating. Most patches will install automatically, but you will be prompted when input is needed during an installation. It is strongly recommended that you click on any Windows Update alerts in your taskbar to be sure your PC does not miss an important download.
For additional guidance and troubleshooting, visit HOWTO: Run Windows Updates.
2. Install Trend Micro antivirus software and run a full scan
Your device must be connected to the Partners Network to download, install and setup Trend Micro Security Software and run Windows 7 or greater.
Please remove any existing antivirus programs from the computer before installing Trend as it this will cause the installation to fail.
Additional information can be found in the Knowledge Base article, HOWTO: Install TrendMicro Security for Windows.
3. Disable the task scheduler, reboot, update AV, run a full AV scan, remediate any infections, enable task scheduler, then reboot the device
This Regedit method is recommended to Start/Stop Task Scheduler.
See screenshots and additional Instructions for disabling/enabling task scheduler.
Contact the IS Service Desk for assistance or questions.
Applies To: All Users
The Department of Health and Human Services’ Office of the Assistant Secretary for Preparedness and Response held a call on the ransomware attack currently affecting dozens of nations this afternoon. At least 16 hospitals in the United Kingdom are being forced to divert emergency patients today after computer systems there were infected with ransomware, a type of malicious software that encrypts a victim's documents, images, music and other files unless the victim pays for a key to unlock them.
We are taking the following steps and ask for your vigilance:
FYI - sent by Microsoft to PHS IS
What is the purpose of this alert?
This alert is to provide guidance regarding malware variously named WannaCrypt, WannaCry, WannaCryptor, or Wcry. This information is being provided to you so that you can assist customers who have questions related to the issue.
Today many of our customers around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software. Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painful. Microsoft worked throughout the day to ensure we understood the attack and were taking all possible actions to protect our customers. We are using the MSRC blog -Customer Guidance for WannaCrypt attacks to post information and resources in one place, to help customers respond to this latest threat.
The first and most important piece of guidance is to immediately deploy the security update associated with Microsoft Security Bulletin MS17-010, if you have not done so already. Customers that have automatic updates enabled or have deployed this update are already protected from the vulnerability these attacks are trying to exploit.
Windows Defender, System Center Endpoint Protection, and Forefront Endpoint Protection detect this threat family as Ransom:Win32/WannaCrypt.
In addition, the free Microsoft Safety Scanner http://www.microsoft.com/security/scanner/ is designed to detect this threat as well as many others.
Review the Microsoft Security Response Center (MSRC) blog at Customer Guidance for WannaCrypt Attacks for an overview of the issue, details of the malware, suggested actions, and links to additional resources.
Keep systems up-to-date. Specifically, for this issue, ensure Microsoft Security Bulletin MS17-010Security Update for Microsoft Windows SMB Server is installed.
Customers who believe they are affected can contact Customer Service and Support by using any method found at this location: https://support.microsoft.com/gp/contactus81?Audience=Commercial.
Microsoft Malware Detection and Removal Tools
Use the following free Microsoft tools to detect and remove this threat:
Regarding Information Consistency
We strive to provide you with accurate information in static (this mail) and dynamic (web-based) content. Microsoft’s security content posted to the web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft’s web-based security content, the information in Microsoft’s web-based security content is authoritative.
Updated on May 17, 2017:
Wordpress 4.7.5. was released.
Applies To: Wordpress <4.7.4
A Wordpress vulnerability in the password reset function might allow attackers to get hold of the password reset link without previous authentication [CVE-2017-8295].
Combined with other vulnerabilities and, depending on the server configuration, a remote attackers may be able to pass extra parameters and consequently execute arbitrary code.
All versions of Wordpress prior to 4.7.4 are vulnerable. Exposure increases if combined with other vulnerabilities (as CVE-2016-10033) so make sure your PHP is running the latest patched version. An exploit is known to this vulnerability.
At the moment this is being written, Wordpress stable version is still 4.7.4. Please stay alert and update it when a patch is available. For now, as a temporary solution, UseCanonicalNames can be enabled to enforce a static SERVER_NAME value. [see link below]
https://wordpress.org/download/release-archive [for when a new version comes up]
As always, other basic server security hardening also applies, as 1) making sure you're logging mail transport (if using local MTA) with proper retention; 2) possibly changing php.ini to log mail functions (improved auditing); 3) log monitoring tools to detect an alert unusual activity (i.e., increased mail traffic); 4) off-box logging, among others.
The malware that is causing accounts to be locked out is called "Qakbot." This malware can infect both Windows-based and Macintosh computers.
Antivirus is already installed on Partners standard Windows computers (those with the asset tag, yellow lock and Partners' screensaver). To protect any other device against this malware please download and install “TrendMicro OfficeScan” Antivirus.
If your machine is infected with Qakbot, the virus that has been causing the login lockouts, a third action is required to disable the task scheduler, reboot, update AV, run a full AV scan, remediate any infections, enable task scheduler, then reboot the device.
This Regedit method is recommended to Start/Stop Task Scheduler.
See screenshots and additional Instructions for disabling/enabling task scheduler.
Sent via IS Communications on Wednesday, May 10 at 9:47a.m. - View this message online.
Action Required: Advisory on Account Lockouts
There is currently a sporadic issue where users are receiving an “Account Locked” error. You may need to log back into your workstation or email. If you receive this error, please wait 5 mins and attempt to log back in. If this does not resolve your issue, please call the IS Service Desk.
Effective May 16, you will be able to log into HealthStream using your Partners username and password. You will no longer need to remember a separate password to complete your HealthStream learning requirements.
HealthStream is the online learning system used by MGH and Partners HealthCare to administer required annual and departmental trainings.
Applies to: MGH, BWH, PHS Ergonomics Purchasers (does not apply to DFCI)
All GoToMyPC licenses expire on April 30, 2017. As the department purchaser, employees will request that you renew their subscriptions before their access expires. When GoToMyPC users log on to GoToMyPC, a pop-up message reminds them it’s renewal time!
To renew a license, select GoToMyPC -Renewals in the Ergonomics catalog. Renewal subscriptions costs $84. You can order for multiple recipients by providing the following information:
REDCap (https://redcap.partners.org/redcap) upgrades to v7.0.14 scheduled for tonight Wednesday April 26th at 8:30 PM EST are complete. REDCap was offline from 8:30-8:45 PM EST.
This upgrade is to apply a necessary patch to address a number of bugs introduced in the upgrade to version 7.0.10.
If you have any concerns about REDCap being offline at this time, please email email@example.com
Partners HealthCare Corporate employees' devices will begin upgrading to Office 2016, which includes the most current versions of Outlook, Word, Excel, PowerPoint, and Access. Office 2016 is part of the Office 365 suite of applications and online services offered by Microsoft.
Here’s what you need to know to get started:
When will I get it?
The date of your upgrade is determined by the last digit of your device/control #:
How does the upgrade work?
What changes will I see?
This new version offers a fresh look and feel, as well as several new features across all Office applications. Outlook incorporates the ribbon throughout, and includes enhanced features designed to help you work more efficiently.
Where can I learn more?
Training schedule, FAQs, and other resources can be found on the Office 2016 training & support site.
For help with upgrade:
Windows 10 Creators Update (build 1703) was released on April 11th and will show up as an update for users on their devices. Read more: https://blogs.windows.com/windowsexperience/2017/04/11/whats-new-in-the-windows-10-creators-update/
Research IS & Computing website maintenance took place on Thursday, April 6, 2017 starting at 7a.m. The site was offline for approximately ten minutes. Updates included bug fixes, security updates and feature enhancements.
REDCap (https://redcap.partners.org/redcap) upgrades to v7.0.10 scheduled for Wednesday April 5th at 8:00 PM EST are complete. REDCap was offline from 8:00PM-8:38PM EST.
This upgradel included a number of new features and bug fixes. These include:
Full release notes available here.
If you have any concerns about REDCap being offline at this time or any questions about these new features, please email firstname.lastname@example.org
REDCap v7.0: New Feature Release and User Group Meeting
BWH: April 11th 2017 3:30-4:30PM, Thorn Conference Room
Click to register.
MGH: April 20th 2017 3:00-4:00PM, Simches Building Room 3.120, 185 Cambridge Street
Click to register.
This user group session will review the new feature releases and how best to implement and retro fit to production projects. We will also use the time for users to share their experiences and tips/tricks.
A new Email Notification Plugin (v2.0) has been released to REDCap.
New Users can access the new feature and plugin URL on our Extensions Page: https://rc.partners.org/redcap/extensions
Current Users will need to update their Email Notification Project Bookmarks from their current URL to new URL:
If you have multiple DETs setup in your project or would like to test the conversion prior to submitting the new configuration on your production project, please contact email@example.com.
Please convert your Email Notification Plugin by March 24th. EDC Support will contact you for conversion after this date.
Service Alert: REDCap Infrastructure/Security Update
We are continually re-evaluating the security of our servers. As a result, we have disabled support for TLS 1.0 and certain encryption ciphers that are considered weak.
If you notice any issues accessing the REDCap application via API or other, please contact firstname.lastname@example.org.
REDCap: API and DET User Group Meeting
BWH: April 24th 2017 10:00-1100AM, Thorn Conference Room
MGH: April 27th 2017 1:30-2:30PM, Simches Building Room 3.120, 185 Cambridge Street
Main Objective: Provide support, best practices, and guidance to REDCap End-Users utilizing the REDCap API and DET
-Learn how to access REDCap's API, DETs
-Learn how to best implement the API, DETs
-Review updates to API features in REDCap v7.0
-Understand the current limitations and when to contact ERIS or Research CORE for additional support
Target audience: Researchers that have evaluated and decided to use REDCap and/or have started a REDCap project. Researchers with basic level programming experience.
Did you know that Microsoft regularly releases security patches for its software products on the second Tuesday of every month? How frequently do you update your computer? Here is some guidance to keep your device secure and your Microsoft software up to date and running smoothly.
Do I need to make changes on my computer?
See HOWTO: Run Windows Updates for additional instructions.
Applies To: All Users
Information Systems Maintenance (ISM) took place on Monday, February 13th from 12:00 am to 4:00 am.
During that time, planned system maintenance and testing was be performed by IS teams. This routine maintenance reduces the risk of unscheduled outages on our computer network and to the Internet.
Impact to systems and applications
Impact to sites
Need help during the downtime?
View the 2017 IS System Maintenance (ISM) Schedule in the IS Service Desk Knowledgebase (Partners login required).
Users have reported issues logging into LabArchives starting Saturday, Jan 21 - Monday Jan 23.
Partners IS has determined the issue is likely due to cookies but they've also made updates on their end.
Action Required: Please clear cookies, close the broswer and login. If you continue to experience issues, please email email@example.com
Error Messages being reported:
"opensaml::FatalProfileException at (https://shib.labarchives.com/Shibboleth.sso/SAML2/POST)
SAML response contained an error.
Error from identity provider:
LimeSurvey (https://limesurvey.partners.org/limesurvey) experienced unplanned maitenance today January 6th, 2017 due to a PostgreSQL database platform issue. LimeSurvey was down from 9:04AM - 11:13AM EDT.
We apologize for the inconvenience.
If you have any concerns, please email firstname.lastname@example.org
With the release of macOS Sierra 10.12.2 on December 13, 2016, you may now upgrade to this latest version. Please note that if you choose to upgrade, you must update the following applications after upgrading to ensure Partners services will continue to function. These apps are available for download in the PEAS Self Service application. Visit our Knowledge Base article on Self Service for Macs for more instructions.
The PEAS team also recommends that you verify any software that you have previously purchased is compatible with macOS Sierra prior to upgrading.
Apple, and therefore Partners, only supports the current OS and two versions prior, so with the release of Sierra, the only compatible Mac OSs are Sierra, El Capitan 10.11 or Yosemite 10.10. If you are running a Mac OS older than Yosemite, please view our webpage on how to Update Your Mac or contact the Service Desk if you need assistance with an upgrade. Outdated Mac operating systems introduce risk to your data and to the enterprise as they are not patched for security vulnerabilities and do not comply with Partners policies.
This coming Sunday, December 18th 2016 from 10pm to 12pm we will be upgrading the Operating System on our Backend storage system that supports RFA. This is a non-service affecting update so therefore no interruptions in connectivity are expected to occur.
There are two enterprise applications used for connectivity that do not work automatically after upgrade. Until fixed, we do not recommend upgrading. For those already using macOS Sierra, please be advised of these recommendations:
On Tuesday, September 20, 2016, Apple released Operating System (OS) macOS Sierra 10.12 for Mac laptops & desktops. It is always recommended to verify any software that you have previously purchased is compatible with macOS Sierra 10.12 prior to upgrading.
Please keep in mind that Apple, and therefore Partners, only supports the current OS and two versions prior. With the release of Sierra, the only supported Mac OSs will be macOS Sierra, Mac OS X El Capitan 10.11 or Mac OS X Yosemite 10.10.
If you are running a Mac OS older than Yosemite, please view our webpage on how to Update Your Mac, and contact the Service Desk if you need assistance with an upgrade. Older Mac operating systems introduce risk to your data and the enterprise as they are not patched for security vulnerabilities and do not comply with Partners policies.
StudyTRAX (https://studytrax.partners.org/StudyTrax/) experienced an unexpected outage from Sunday November 13th 12:30AM EDT until Monday November 14th 10:00AM EDT.
StudyTRAX was one of the applications affected by the issue that Partners ISCommunications sent an alert for over the weekend.
If you have any concerns about this downtime, please email email@example.com