More on the University of Exeter outbreak

We are now able to confirm that the malware infected systems through the vulnerability highlighted in our previous e-mail. Further details and an update for this Windows Vista vulnerability can be found at

http://support.microsoft.com/kb/975517

Microsoft and Symantec performed an analysis of the malware, and updated Symantec definitions now detect it as a generic ‘downloader’.

There is no reason to suspect that this malware poses a specific threat to other JANET connected sites, and we have not seen any infections elsewhere. It is worth mentioning a few best practices that limit your risk to this and similar infections:

- Ensure that operating systems are kept fully patched
- Ensure that anti-virus definitions are kept up to date
- By default, block Windows LAN service ports at your network border

This entry was posted on Friday, January 29th, 2010 at 6:01 pm and is filed under Advisories, News. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed.

Service Hours:
08:00 to 18:00 Mon-Fri
18:00 to 00:00 Mon-Fri*
09:00 to 17:00 Sat-Sun*
(*reduced service)

News:

JANET CSIRT Incident Statistics for January 2012 (1/2/12) more

Symantec advice on pcAnywhere (26/1/12) more

Twitter:

RT @securityspeak: Regional police e-crime hubs set to tackle cyber threats http://t.co/YQcUpEt0 14 hours ago

RT @JANET_Cloud: We're announcing 8 of the world's leading cloud suppliers on the first framework of its kind for the Janet community ht ... 17 hours ago

That's why you read the documentation before attempting a brute force attack ;) 19 hours ago