Today at Berkeley Lab nameplate Today at Berkeley Lab Berkeley Lab
Wednesday, January 4, 2006
 
S P E C I A L   E D I T I O N

 

Lab's Computer Protection Program Issues Cyber Alert For Windows Users

IT logo

A new threat is targeting all versions of Microsoft Windows. Employees who use Windows 2000 or XP must apply the unofficial (not from Microsoft) patch. Threat conditions warrant installing this non-vendor provided patch. The patch has been endorsed by several well-known security entities such as SANS. Go here to download and install this patch.
 
All Windows 95/98/ME/NT/2000/XP users should follow these recommendations.
 
This is a serious vulnerability. Attackers have already begun exploiting this vulnerability by placing files on web pages and sending e-mail with malicious image files. Staff may unknowingly compromise their systems by simply viewing malicious images via a web browser. The system will give you no indication it has been compromised by such an image. Berkeley Lab has already had six instances of Windows systems being comprised. These malicious image files commonly have a .wmf extension, but they can be of almost any image file extension, for example .jpg, .gif, .bmf, .tif.
 
Call the IT Help Desk (x4357) for assistance with installing the patch. For more detailed information, go to the Computer Protection Program website. Read Microsoft's alert here.


 
DOE logo Office of Science logo UC logo