Virus Alerts: Windows Vulnerabilities 9/11/03

Windows vulnerability alert (09/11/03)

Microsoft has identified a new set of vulnerabilities in Windows XP, Windows 2000, Windows Server 2003, and Windows NT. Hackers can use these vulnerabilities to run programs of their choice on unprotected computers. Future Internet worms exploiting these vulnerabilities could potentially cause as much disruption and delay as earlier worms did in August.

These vulnerabilities can also affect Windows installations in Virtual PC on Mac OS systems.

Computers running Windows 95, 98, Me, or non-Windows systems such as Mac OS or Linux, are not affected.

How to Protect Your Computer:

CIT urges all Windows users to get the latest critical security patch from Microsoft as soon as possible. The patch can be obtained through Windows Update at http://windowsupdate.microsoft.com/. CIT has also made a local copy of the patch available.

For more information about these vulnerabilities, see

Microsoft Security Bulletin MS03-039
CERT advisory CA-2003-23, RPCSS Vulnerabilities in Microsoft Windows

How to Avoid Virus Infections:

It's a good idea to update your Symantec (Norton) AntiVirus software and perform a complete scan at least once a week. All Cornell systems should have Symantec AntiVirus software that has been updated to the 9/10/2003 rev.5 virus definition file, or a newer file.

To update, run Symantec AntiVirus and choose Live Update. Or download the file via Bear Access (Virus Protection folder) or from Symantec.

Cornell University has signed a site license with Symantec to provide Symantec AntiVirus (SAV) to the entire campus community. The license allows SAV to be used on all university-owned computers, home computers of staff and faculty, and computers owned by registered students.

How to Get Rid of Virus Infections:

If you suspect your computer has been infected, visit Cornell's local downloads for avoiding or removing recent Windows worms for links to Symantec's tools for removing recent viruses. Also see information posted regarding the Blaster, Welchia, and Nachi worms. If you need additional assistance, please contact the CIT HelpDesk by calling 255-8990 or by sending e-mail to helpdesk@cornell.edu.
-------------------------
If you need help, please contact the CIT HelpDesk by calling 255-8990, by sending e-mail to helpdesk@cornell.edu, or by visiting 119 CCC. The HelpDesk is open Monday-Friday from 8:00 a.m. to 5:00 p.m., with extended phone hours Monday-Thursday from 5:00 p.m. to 8:00 p.m. during the academic year. If the HelpDesk is closed and your problem is urgent, contact the Network Operations Center at 255-9900.

Security Issues for Network and System Adminstrators

Last modified: June 5, 2003