To: All nasa hq personnel Subject

Download 9.41 Kb.

Date	29.07.2017
Size	9.41 Kb.
	#24823

Personnel who use Apple iPhones and iPads are advised NOT to upgrade their device software to iOS 7.
Recommended Action: When prompted to upgrade to iOS7 on your iPhone or iPad do NOT upgrade the device.
Settings Tap Control Center Set “Access on Lock Screen” to Off
All users are reminded to exercise caution and maintain physical control over their devices at all times. Support
This notice was sent by the HQ Information Technology Communications Division (ITCD).


To:	All NASA HQ Personnel
Subject:	Apple iOS 7 Security Vulnerabilities (iPhone/iPad)
What’s Happening:	Personnel who use Apple iPhones and iPads are advised NOT to upgrade their device software to iOS 7. A vulnerability in Apple's recently released iOS 7 has been discovered allowing an unauthorized user to bypass the "lockscreen" security feature and gain limited access to a mobile device (iPhones and iPads) and their camera, photo gallery, and other applications which may be accessible from the iOS multitasking menu. By default, iOS 7 allows its "Control Center" feature to be accessible from the lockscreen. By exploiting this feature's functions, an unauthorized user with physical access to the mobile device may be able to gain access to the device. Additional reports of similar vulnerabilities utilizing the "Siri" and "Emergency Call" features have also been found.
Recommended Action:	When prompted to upgrade to iOS7 on your iPhone or iPad do NOT upgrade the device. Upgrading the device will result in the introduction of security vulnerabilities and an incompatibility with the current version of iTunes on your computer. ACES has not yet deployed iOS 7 to agency iPhones and iPads. If you have self-installed iOS7 on your mobile device, the following steps can be taken to disable some of the affected settings: Control Center: Open Settings Tap Control Center Set “Access on Lock Screen” to Off Siri (when utilizing a passcode): Open Settings Tap General Tap Passcode Lock Set “Siri” under “Allow Access When Locked” to Off All users are reminded to exercise caution and maintain physical control over their devices at all times.
Support:	Enterprise Service Desk (ESD): Web site (submit a ticket online): https://esd.nasa.gov Phone: 358-HELP (4357) or 1-866-4NASAHQ (462-7247) To report a security incident, contact the NASA Security Operations Center (SOC): Phone: 1-877-NASA-SEC (877-627-2732) E-mail: soc@nasa.gov
This notice was sent by the HQ Information Technology & Communications Division (ITCD). IT Notice Archives \| IT Outage Calendar \| ITCD Products & Services

Directory: notices
notices -> Oil and chemical spills are one of the gravest detrimental incidents that can occur to the environment
notices -> Procedure for installing avg 0 Internet Security Suite avg installation Requirements Operation Systems Supported avg 0 Internet Security
notices -> Affiliation agreement
notices -> National Agricultural Technology Program
notices -> To: nasa hq it pocs with Sprint/Nextel Push-to-Talk users Subject
notices -> TO: Agency Heads and Labor Relations Designees
notices -> Money matters
notices -> To: aces-managed Mobile Device End Users with Android Devices Subject
notices -> To: All nasa hq personnel Subject
notices -> To: All nasa hq personnel User action may be required!

Download 9.41 Kb.

Share with your friends: