ITS issues computer security information

Microsoft Corporation has recently issued several critical system updates and security patches for Windows NT, 2000 or XP operating systems to help prevent unauthorized access that may allow a third party to take control of your computer for whatever purposes they choose. This could include compromise or destruction of sensitive data, identity theft and fraud and denial of service attacks.

Additionally, Network Associates, maker of the campus anti-virus software for Windows computers, has issued updated virus definitions to detect and clean recently discovered computer viruses.

Operating system vulnerabilities and computer viruses are critical threats to our computing environment. We are asking the entire university community to take these threats seriously and make updating and protecting their computers a high priority.

If the latest critical updates and security patches have not been installed on your computer, your computer is open to attack and may already be infected with a recent computer worm that can exploit these vulnerabilities.

A tool for detecting and removing the worm and the security patch to repair the vulnerability together with instructions for their use are available on the ITS Web site. Please visit this site as soon as possible.

Note: Some school's local desktop security policies may prevent you from performing some or all of these tasks. If you require assistance or experience difficulties following any of these instructions, please contact your school's technical support staff or the ITS Help Desk at 8-5000.

After using the cleaning tool and installing the patch for your system, we urge you to install the latest CRITICAL updates from the Windows Update Site. When you go to that site, click the "Scan for updates" link and install any CRITICAL updates that are listed.

You may need to download and install several updates, possibly restarting your computer several times during the process, depending on what updates have been previously installed. Some of these downloads may take 20 minutes or more to complete. Please be patient and allow the process to be completed.

You should also ensure that your anti-virus program is up-to-date and properly configured to automatically scan all email attachment and file downloads for viruses and to automatically check for and install the latest virus definitions.

One of the most common ways for a computer to become infected with a computer virus is for the user to open an email attachment containing a virus.

We suggest you never click an attachment until it has been scanned for viruses with an up-to-date anti-virus program. If you are not expecting an attachment from a sender, you should verify with that sender that they intended to send you the attachment before opening it. You should scan all attachments for viruses before opening them even if the attachment is expected.

Do not install any patches or updates that arrive via e-mail. Microsoft does not send security patches via e-mail.

We appreciate your assistance in protecting the campus data network as well as your own personal computing environment, accounts and data from these types of computer attacks.

Macintosh users running Windows in Virtual PC will also need to apply the update.

If you have questions, please contact your technical support staff, the ITS Help Desk at ext. 8-5000 or help@csufresno.edu or Information Systems Security at security@csufresno.edu.