A number of incidents occurred in April involving servers running vulnerable web-facing software. While many of the incidents involved PHP, the issue includes all web servers and applications. Due to the web-based nature of these vulnerabilities, attackers are able to easily find targets using Google and other search engines. The impact of these recent incidents has included:

• defaced front pages on web sites
• hosting of phishing scam content on campus systems
• down time for servers following the incidents
• significant effort for campus staff in ensuring systems
• are secured following the incident and protected against
  future attacks

To reduce these incidents, please ensure that your regularly scheduled patching process includes all software on the systems you support, especially all software accessible via network services. Note that automated patching processes may not include these applications, particularly if they have been manually installed. As we have seen recently, these issues are very visible to attackers and any missed patches are likely to result in compromises.