INFORMATION FOR...
navigation
WHAT IS HAPPENING?
----------------------------------
Microsoft Window's DCOM RPC vulnerability (see links below) continues
to be a major security risk on campus. Because of the nature of
this vulnerability and the scripts and worms built to exploit
it (see links below), Windows computers can be compromised or
infected within minutes of connecting to the network.
CIO staff swept through College buildings to apply patches on
existing machines during the first few weeks of August (2003);
further, CIO continues to scan for vulnerabilities. As people
return to campus, however, many are bringing computers to campus
which are not patched or are already infected, connecting them
to the network, and quickly getting infected. Once infected, a
machine contributes to the degradation of the network and attempts
to infect other machines. This results in a series of time-intensive
responses by several layers of technical staff from the college
and campus. Eventually, campus network staff block network traffic
to or from an infected machine.
WHO IS AFFECTED?
---------------------------------
Windows users: Any Windows computer (NT, XP, 2000, 2003) that
has not been patched is vulnerable.
WHAT SHOULD I DO?
---------------------------------
If you are bringing a Windows computer to campus, make sure it
is patched before you connect it to the network. If you are unsure,
contact CIO at 244-7005 before connecting to a jack in a College
of Education building.
WHERE TO GET THE PATCH
---------------------------------
Please visit room 10 (ICL) or room 31 (Tech To Go) to use a floppy
disk or CDROM to patch and disinfect your Windows computer before
connecting it to the network. While patches are available on-line
at windowsupdate.microsoft.com, machines brought to campus should
patch *before* going online.
CONTACT INFO
------------------------
If you have any questions or concerns, please call the CIO Front
Office at 244-7005.
FOR MORE INFO
---------------------------
Information on Windows DCOM RPC Vulnerability
http://www.microsoft.com/security/security_bulletins/ms03-026.asp
Official Microsoft MSBlast Worm Information
http://www.microsoft.com/security/incident/blast.asp
Microsoft Windows Update Site
http://v4.windowsupdate.microsoft.com
UIUC provided MSBlast removal program
http://webstore.cites.uiuc.edu
Choose Virus Protection - Stinger/Use
College of Education Instructional Computing Lab
http://www.ed.uiuc.edu/cio/icl/
ANNOUNCEMENT PREPARED BY
----------------------------------------------------
Jobertito Cuaresma and Ryan Thomas
Office of the Chief Information Officer
College of Education
University of Illinois at Urbana-Champaign