Important Time-Sensitive Windows Security Message from Candace Fleming, CIO CUIT

An article in today's NewYork Times highlights the risks associated with a potentially dangerous and widespread worm known as Conficker or Downadup.  This worm, affecting Windows systems only*, is spread by:

• taking advantage of a recently discovered Windows vulnerability, or
• guessing network passwords, or
• portable gadgets like USB keys and flash drives

 Every individual at Columbia is responsible for ensuring that your system and the data contained on your system is protected from such attacks.  Please immediately:

1. Visit Windows Update and ensure that you have all the latest updates and patches.
2. Make sure you have an anti-virus and anti-spyware program running and have installed the latest updates and virus signature files.
3. Protect your system by creating a strong password.  A strong password is at least 8 characters, and includes a combination of numbers, upper and lowercase letters, and other characters, (e.g. %, #, @).

CUIT has purchased a site license for Symantec Endpoint Protection, an anti-virus/anti-spyware program.  This site license covers all current faculty, staff, and students of Columbia University, Barnard, and UTS.  If you have not done so yet, please visit the CUIT software download pages  and immediately download and install this program.

If you are affiliated with Teachers College, you must download your anti-virus software from Teachers College.

*Users running Macintosh computers are not affected and do not need to follow steps 1 and 2.

Although the impact this new attack has yet to be determined, taking steps to prevent this Worm (and other malicious software programs that could compromise Columbia's assets) is vital to pre-empting any possible impact they may have.

Thank you for your continued partnership in ensuring the security of our environment.

Candace Fleming