COMPUTER SECURITY –

Posted on

All users of Microsoft NT 4.0, 2000, XP and 2003 operating systems are vulnerable to a critical security risk. In order to protect your computer from this risk, and to protect the viability of the campus network, it is important that you take immediate action.

The risk is created by a flaw in Windows that allows hackers to use a remote procedure called “RPC DCOM” to take over the machine. Users must download a Microsoft patch in order to be protected. The patch is available directly from Microsoft at www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp. I⁢ strongly urges you to take immediate action to install the patch yourself or with the assistance of your department technical support personnel. You should assure that all Windows NT 4.0, 2000, XP and 2003 systems that you use are
patched, including office machines, home machines, and laptops.

The I⁢ HelpDesk has a Web page ? www.cpp.edu/helpdesk/news/exploit.htm ? that explains the RPC DCOM vulnerability and provides answers to the following questions:

  • What is the RPC DCOM exploit?
  • How do I know if I am already infected?
  • What do I do if I am infected?
  • How do I patch my computer?
  • How do I remove the exploit?
  • Do I need to rebuild my computer?

All Microsoft Windows users associated with Cal Poly Pomona are urged to call their department technicians or the I⁢ Helpdesk at (909) 869-6776 if you have further questions.

The RPC exploit is widespread across the Internet. A particular version of the exploit, known as the “Microsoft Blaster,” has received extensive press coverage. About 188,000 individual computers were infected worldwide as of Tuesday evening, according to Alfred Huger, senior director of engineering for security response at Symantec, maker of the popular Norton AntiVirus program.

In addition to encouraging the installation of patches and working to clean infected machines, I⁢ personnel are evaluating the need to take additional actions where needed to protect the campus network. It is possible that some of these actions may result in the temporary blocking of certain services, up to and including all network access, from various places in the campus network. We will endeavor to inform technical staff in affected areas and to minimize any disruption caused by these important efforts to control the problem.

The number one priority for I⁢ continues to be fast, reliable and secure access to network-based resources. I⁢ staff and management, as well as technical staff from across the campus, are working hard to control this problem, and we appreciate your support and patience.

A. Michael Berman
Vice President, Instructional & Information Technology