| FULL SEARCH | |
|
|
|
|
||
|
|
|
|
|||
|
|||
|
Marshall > UCS |
 |
|
|
|||
 |
|
UCS Home Help For: 
Students
Faculty/Staff
Visitors
UCS Units: Computing FacilitiesFacilities Scheduling Facilities Hours Incident Report Form Lab Availability Remote Computing Tour the Facilities Work Study/Internship Customer ServicesCD & DVD Duplicating CLOC Help Desk Remote Access Special Events Policy Surplus Computer Sale UCF Sites UCS Front Desk Databases & SSBanner About Databases Networks & TelecomFirewall Forms & Publications MU Wireless Policies & Procedures Services Telecom FAQ's VPN Client About Networks & Telecom Systems AdminAbout Systems Admin Antivirus Electronic Mail Information Security MUNet Abuse Reporting Your Email Account About UCSEmployment Opportunities Contact UCS Computing Glossary Guide to IT Meet the Staff Missions and Goals Office Locations Policies and Procedures UCS Presentations
UCS Rate Schedule
|
|
|
Security Alert - Conficker/Downadup Worm Posted 3/31/2009 There are increasing reports of a widespread computer infection by the 'Conficker/Downadup' worm. According to a security bulletin released by the US Computer Emergency Readiness Team (US-CERT), "this worm can infect Microsoft Windows systems from a USB thumb drive, a network share or directly across a corporate/campus network, if the computers are not patched with the 'MS08-067' security patch from Microsoft." The following is recommended guidance for our campus community: Q. What can I do to protect my computer which runs Microsoft Windows? A. As with past virus and worm outbreaks, the best protection is to make sure that your computer (and all computers which you are responsible for) have current Microsoft Security Updates applied; AND that you have an anti-virus program that is recently updated. Q. Is my Apple Macintosh computer at risk for this worm? A. No. This worm is specifically targeted to infect computers which run the Microsoft Windows operating systems. Computers such as the Apple Macintosh are not affected by this particular vulnerability. Q. How can I be sure I am protected against this current threat? A. Two easy steps: Step 2 – Open your Antivirus Program (most campus computer images should have Symantec Antivirus or Symantec Endpoint Protection pre-installed). Check the date of your virus definitions and make sure it's no more than a few days old. Your AV definitions should automatically update. If they are not, then this is a sign of a potential problem for your computer and should be reported immediately to your department IT staff or the UCS Help Desk at ext. 63200. Q. How can I tell if my computer is infected with Conficker/Downadup? A. Virus and worm infected computers often display unique symptoms which vary based on the particular virus. In the case of 'Conficker/Downadup', this worm attempts to prevent your antivirus software from updating itself or preventing you from accessing antivirus vendor websites to download removal/cleaning tools. According to the US-CERT Bulletin, a quick test to determine whether you are infected is to try to access one or more of these sites: Symantec - http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp_link_conficker_worm Microsoft -
McAfee -
If you can connect to any other sites (i.e. the http://www.marshall.edu webpage) but cannot access these specific antivirus vendor pages, then there is a good chance you are infected. Q. How do I clean my machine from the Conficker/Downadup worm? A. There are at least three known variants of this worm. So the removal instructions will vary slightly. If your University-owned computer is infected, immediately contact your department IT specialist or the UCS Help Desk. If your personally-owned or home computer is infected, we suggest that you follow the guidance that is provided by Symantec on their website: Symantec-What to do if you are infected Q. Will University Computing Services automatically patch my machine? A. Not necessarily. The good news is that if you are running a recent UCS faculty/staff or lab image, then your computer should be configured to automatically download and install Microsoft Security updates. Also current images that include anti-virus software are pre-configured to auto-update each day. If you have installed your own machine or have other staff in your area which prepare and deploy computer workstations and laptops, you need to check with those individuals to confirm your patch status (or see the previous question above). Q. If I have a laptop computer that's not connected to the network, I'm safe right? A. No. Perhaps laptops are at MORE risk to virus or worm infection. This is because they often spend long periods of time turned off or not connected to a network, so they do not always receive Microsoft or Antivirus updates on a timely basis. Be sure these machines get connected to either the campus or a home network frequently (at least once or twice a month) so they can have time to download and install these security updates. Q. Is my home computer at risk for this infection? A. Possibly. Computer threats can affect both campus and home machines. You are encouraged to follow the same guidance for personally owned machines – enable Microsoft Updates to occur automatically and install Symantec antivirus software (it's licensed for faculty/staff/student home use). Q. Where can I get the latest Symantec Anti-Virus Software for my office or home computer? A. University Computing Services maintains a
secure/trusted web download site for the current version of Symantec
antivirus software. The current version is called 'Symantec Endpoint
Protection' and supports both Microsoft Windows XP and Microsoft Vista
operating systems. Please visit
http://www.marshall.edu/antivirus and scroll to the bottom of the page.
Click on the link for
'Antivirus Downloads Page'.
|
|
|
||
|
Site Maintained by . Copyright ©2006 Marshall University. All Rights Reserved. Read Site Disclaimer for more information. View Mission Statement Marshall University - One John Marshall Drive - Huntington, WV 25755 |
|
