August 12, 2003
Security Alert--Windows RPC vulnerability

A serious security alert has been issued on a vulnerability in Windows and it is important to take the following steps now to prevent serious consequences to your machine and the Extension network.

A new fast spreading worm called BLASTER has been labeled a security threat for Windows 2000 and XP machines. The worm exploits a security vulnerability in the Windows DCOM RPC interface and, once installed, searches for other machines on the network to infect, compromising vulnerable machines and overloading networks.

To download and install a security patch for your system, you will need to do the following:

1. Log in as Administrator. At the login prompt, type ‘Administrator’ rather than your regular log-in and use the administrator password rather than your regular password. When you log in, be sure to change ‘Log onto:’ from IASTATE to the computer name (which will be identified on a drop down list by ‘(this computer)’).

2. Download the Windows 2000 patch or the Windows XP patch. (if you don’t know which operating system you’re using, right-click on My Computer and select Properties). The patch will take about 10 to 15 minutes to download.

3. Double-click on the patch and follow any instructions it provides.

4. Reboot your computer and log back in with your own username and password (be sure to change ‘Log onto’ from ‘(this computer)’ to IASTATE.

If you know other people in your office with Windows 2000 and Windows XP machines, please make them aware of this patch and the need to update their computers.

If you have questions or problems applying the update, contact the Computer Support hotline at 515/294-1725.

Additional information about this worm can be found at:

McAfee/Avert
Symantec
Microsoft Security Alert

Posted by dcoates at August 12, 2003 01:47 PM