Campus Periodicals

• News & Events
• Review Magazine
• Student Media

Resources for Reporters

• Services for Journalists
• Contacts for Reporters
• Press Releases

Selected Administrative Offices

• Physical Education, Recreation and Sports
• Public Information Office

Calendars

• Academic Calendar
• Campus Calendar

Maintained by pioweb@ucsc.edu
© 2008 The Regents of the University of California. All rights reserved.

jnw | 1/6/2011

Administrative Message

January 10, 2006

To: Campus Community

From: Information Technology Services (ITS)

Re: Network and workstation vulnerability

In late December 2005 the latest Microsoft Windows vulnerability (known as "WMF") threatened networks and workstations. This threat was particularly dangerous because simply visiting a web site or viewing a graphic file could launch an attack on your computer. Microsoft has since released a patch which lessens this concern.

While UCSC did not suffer any negative effects from this latest Microsoft security threat, we are writing to apprise you of the situation and to provide a reminder about best practices for computing security.

The UCSC Information Security team regularly and promptly advises IT staff of all potential and real security threats to the campus networks and workstations. When this latest Microsoft threat occurred, the Information Security team communicated with IT staff about the severity of the threat and recommended some actions. IT staff worked with the campus to take appropriate action, including installing updates and patches.

In addition to the steps that ITS has already taken, we encourage you to take the following precautions to protect your computer. Visit http://its.ucsc.edu/security_awareness/best_practices.php to view the complete list.

1) Make sure your computer has all necessary security "patches" and updates, as well as anti-virus, and that you know what you need to do, if anything, to keep them current.
* Contact your Divisional Liaison or computing coordinator if you are not sure what to do or need assistance.

2) Be distrustful when using the Internet:
* Don't provide personal or sensitive information to Internet sites, surveys or forms unless you are using a trusted, secure web page.
* Also, just opening a malicious web page can infect a poorly protected computer. Be aware of where you are going before clicking on a web link.

3) Practice Safe Emailing:
* Don't open email attachments or click on website addresses in emails unless you really know what you're opening.
* Don't open, forward, or reply to suspicious or spam emails; just delete them.

4) Don't install unauthorized programs on your computer:
* These can harbor behind-the-scenes computer viruses or open a "back door" giving others access to your computer without your knowledge.

Additional Information

* UCSC faculty and staff can download for free the Sophos desktop anti-virus software at http://its.ucsc.edu/services/software/vendors/sophos.php.

* UCSC students can download for free the McAfee desktop anti-virus software http://its.ucsc.edu/services/software/vendors/mcafee.php

* Microsoft has information and software updates about this problem. Go to the Microsoft Web site (http://www.microsoft.com/) and click on the "Windows Meta File security update" box.

* If someone else manages your computer, work with them. They may already be doing some of these steps for you.

* For more information about the WMF vulnerability, see:
- Windows Metafile vulnerability (Wikipedia) (http://en.wikipedia.org/wiki/Windows_Metafile_vulnerability)
- The Windows MetaFile (WMF) Exploit Vulnerability (Virusbusters) (http://virusbusters.itcs.umich.edu/viruslist/wmf.html)

* Questions?
- Send email to help@ucsc.edu
- Call (831) 459-HELP

Administrative Messages Index