
[grads] Computer Security Action - Microsoft Computers without Critical Security Updates Blocked from Network


rvi...@soe.ucsc.edu

May 8, 2004, 9:52:12 PM
SoE Community,

Note: This message concerns Windows 2000 and XP computers that have not
received critical security updates of April 2004. We believe nearly all
SoE maintained computers have received these updates. Problem computers
are mainly laptops brought in from outside and computers that have not
been booted into Windows this week on our networks.

The Microsoft worms (Sasser & Phatbot) continue to circulate and we are
seeing some folks bringing in Windows laptops and connecting to the
network after hours. Since staff is not on site over the weekend, we will
need to act swiftly and remotely to protect your computing systems and the
network.

----Action:
Effective immediately, SoE Computer Security will scan any Microsoft
Computer that connects to our network. If that computer fails to have the
current Microsoft Critical Security patches installed, the network port
may be immediately deactivated and/or the computer blacklisted from
connecting to the SoE network. The current security update is 835732,
which was released with Microsoft Security Bulletin MS04-011 on April 13,
2004.

MS Computers without this update will be disconnected and blacklisted
without advance notice. After the port is deactivated and the computer
blacklisted from the network, SoE Computing Staff will attempt (during
normal business hours) to locate the vulnerable Microsoft Computer.
Normal business hours are M-F 9am-6pm.

Should you be working on a Windows computer and the network connection
suddenly no longer works, it is likely Computer Security believes your
computer is either compromised or at severe risk for compromise. Please
see the SoE Help desk (in BE-126, 459-3544) to ensure your computer gets
repaired and updated. The help desk is open Monday-Friday, 9am-5pm.
Please avoid plugging into another network jack. Such action may result in
your computer becoming compromised and/or additional network jacks being
deactivated.

This action is being taken to _protect_ you, your computer and others on
the SoE network from a series of intrusive Microsoft computer worms
(Sasser & Phatbot) that have been installing themselves on Microsoft
Computers that do not have the April 2004 critical security updates.
These worms can install several intrusive programs, some of which may
install “back-door entries” and allow outside intruders to read personal
information stored and entered into the Windows Computer (such as files
and passwords). The worms also flood the network making work difficult
for other users who do not have compromised systems.

----Background:
This week computer systems across the world have been dealing with the
Sasser and Phatbot Microsoft computer worms that propagate via the
network (not by email). These worms have infected over 250 computers on
the UCSC campus. The result has partially shut down computing operations
in some locations this week and crashed card reading systems used for
dining services. On Tuesday, SoE had about 15 unpatched Microsoft
computers infected and compromised with these worms. The
overwhelming majority of compromised Microsoft computers within SoE have
been user maintained systems such as laptops and research lab computers.
Nearly all of the MS Computers on SOE networks have received critical
updates. Occasionally a Microsoft computer without critical updates
appears (typically a laptop, a computer that was off for a while, or
booted into another operating system). An MS computer without the
critical updates could be compromised in a couple of minutes after being
placed on the networks. Compromised computers have proven to be
difficult to clean up, in some cases requiring a complete operating
system reinstallation. We are attempting to isolate these unpatched
Microsoft Computers before they become compromised. At this point,
within SoE these computers are now typically laptops brought in from
outside, computers that were off or dual-boot systems that were not
booted into Windows for a while.

These worms (especially Phatbot) install many programs, some of which may be
backdoor entries which can allow outsiders to read information on your
computer. Programs (tools) are available to remove these worms, however
some computer security personnel are finding that some portions of the
infected programs remain even after cleaning. Should you have a computer
that becomes compromised, computer security has recommended, if possible,
the operating system be reinstalled while off the network and the latest
Microsoft critical security updates done prior to reconnecting to the
network.

-----Software Updates Required
If you are running a Microsoft operating system, please ensure you have
the critical updates for Windows XP and Windows 2000 installed. NOTE -
These critical security updates of the Microsoft operating system are
distributed automatically to SoE maintained computers, provided they are
left on and booted into Windows. Personnel maintaining their own Windows
computers may ask the SoE Help Desk for assistance. Removal of this worm
is not trivial and often not successful. The only sure way that compromised
systems are fully cleansed of the worm is a complete reinstall of the
Microsoft Operating System with current critical security updates.

Should you need any assistance, please send an email to
techstaf...@soe.ucsc.edu or you may contact the SoE HelpDesk
(BE-126, phone 459-3544). The Helpdesk is open Monday-Friday, 9am-5pm
and closed from 12-1pm for lunch.

regards, Bob

Robert L. Vitale, PE
Electrical Engineer
Computing Director & Laboratory Manager
Jack Baskin School of Engineering
Voice: (831) 459-3794 Fax: (831) 459-5333
rvi...@soe.ucsc.edu

