UCL Computer Security Newsletter - January 2009
The purpose of this newsletter is to keep all security reps and other
interested parties informed about what is happening around UCL
regarding computer security. Further information from the Computer
Security Team is always available at http://www.ucl.ac.uk/cert.
1. Conficker/Downadup worm
Note that JANET sites have been seeing infections and we ask departments to ensure that machines are patched against the MS08-67 vulnerability. This worm spreads in various ways including saving executable autorun.inf files to any removable media or mounted network shares. More details at http://www.fsecure.com/weblog/archives/00001576.html
Taken in conjunction with the latest CERT advisory (Microsoft Windows Does Not Disable AutoRun Properly - available at http://www.us-cert.gov/cas/techalerts/TA09-020A.html ), this issue could cause severe problems once it gets in.
2. Christmas presents
It's the time of the year when new machines appear, without patches or anti-virus.
Please be aware that the Information Security Policy is regularly updated and a summary of recent (November 2008) changes is at http://www.ucl.ac.uk/cert/swg/policy/Change_summary_200811.html
4. ID Theft
Another freebie from MessageLabs - I attach an A4 copy of a poster on thwarting ID theft. Please put it up around your department.
Please note all correspondence from the UCL Computer Security Team is digitally signed either with personal PGP keys or the CERT team key (public keys available from http://www.ucl.ac.uk/cert/contacts.html ).
This newsletter and previous ones are available at http://www.ucl.ac.uk/cert/cst-newsletters/index.html (except currently the March 2007 one as that had sensitive information in it).
We welcome feedback on the content and organisation of documents on our web page.