Don't use Internet Explorer

Microsoft Security Advisory 2963983 (CVE-2014-1776) is a serious Vulnerability in the Internet Explorer web browser that could Allow Remote Code Execution. Microsoft is aware of limited, targeted attacks that attempt to exploit a vulnerability in Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11.

The vulnerability is a remote code execution vulnerability. The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially-crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.

For more information on Microsoft Security Vulnerability 2963983, please visit:
https://technet.microsoft.com/en-us/library/security/2963983.aspx

Skyward and other vendors are recommending that everyone use an alternate web browser until Microsoft releases a patch. 

Heartbleed issue: What you need to do

You may have heard news of the "Heartbleed" Internet security breach or gotten an email about it from friends. This email tells you what you need to do, which is, unfortunately, not as easy as just "change your passwords." It's organized in the ever-popular "Q&A" format.

Q: Is my school email safe?

A: Probably. We use Google Apps, and it was a Google researcher who found the flaw, and Google patched its systems very quickly. But you should change your OSD password just to be safe. 

Q: Is Infinite Campus safe?

A: OSD's IC server appears to be unaffected or fixed. Regardless, your IC password should be the same as your OSD email/network password, so you don't need to do anything specifically regarding IC.

Q: How about Skyward?

A: Skyward was never vulnerable due to the version of SSL it used, so your personal and HR information is not at risk.

Q: What do I need to do?

A: This is a two step process: 

1. Check to see if a site has been fixed. (Check the top 100 web sites here.)
2. AFTER a site has been fixed, then change your password for that site.

Q: Why not just change all my passwords right away?

A: Until a site has been patched, if you change your password, then the attacker can potentially get your new password as well. So wait until the site is patched before changing your password. More info here.

Q: What about sites that aren't in the top 100 list, like my bank?

A: You can check the status of any site with this tool from LastPass.

Q: Why is this such a big deal?

A: It potentially affects half of secure sites on the web, has been around for two years, and was only recently reported. More info here.

wireless network down for upgrades between 4-5 PM today (4/8/2014)

The district's wireless network will be down today for about 20 minutes sometime between 4:00 - 5:00 PM so that we can upgrade the wireless LAN controllers. You should plan to use a computer with a wired network connection during this time. 

I apologize for the short notice.