Computing Facilities    links to the SCS and CMU home pages Carnegie Mellon School of Computer Science Carnegie Mellon University
 
Advanced search tips 
 Documentation
 » Introduction to Facilities 
 » Accounts & passwords 
 » AFS 
 » Application software 
 » AV help 
 » Backups & restores 
 » Calendaring 
 » E-mail 
 » Networking 
 » Printing 
 » Purchasing 
 » Resource management 
 » Security 
 » Software licensing 
 » Support charges 
 » Web publishing 
 » Your health 
 » Mac support 
 » Linux support 
 » Windows PC support 

Campus Wide Virus Alert

The campus is currently witnessing a large outbreak of Mydoom variants.

These variants are spread by e-mail and the most common subject lines are:

Your Email Account is Suspended For Security Reasons - OR - Your Email Account Access is Restricted

The e-mail contains various attachments (zip, pif, scr, exe, cmd). DO NOT OPEN THE ATTACHMENT even though the message instructs you to do so.

Be aware that Computing Services NEVER sends attachments of this type in e-mail. Doing so will cause your machine to become infected.

WHAT WE HAVE DONE:

To prevent the spread of this problem, infected machines have been removed from the network.

WHAT YOU NEED TO DO:

RUN LIVE UPDATE NOW!

  1. Right-click on the Symantec shield located in your system tray.
  2. Select Open Symantec AntiVirus.
  3. Select File > Live Update.

If Symantec AntiVirus is not loaded on your machine, download the software from the My Andrew web service at http://www.cmu.edu/myandrew/.

TECHNICAL DETAILS:

FOR MORE INFORMATION ABOUT THIS SECURITY ALERT VISIT:

http://securityresponse.symantec.com/avcenter/venc/data/w32.mydoom.bq@mm.htmlhttp://securityresponse.symantec.com/avcenter/venc/data/w32.mydoom.bt@mm.html

Please direct any questions or comments to your departmental administrator or to the Computing Services Help Center at x8-HELP or advisor@andrew.cmu.edu.

Updated information on the Virus Threat

The campus still continues to see outbreaks of the Mydoom.BQ and Mydoom.BT mass mailing worms. Although we have posted a removal tool for infected machines, this removal tool is only effective for the Mydoom.BQ variant. The latest Symantec Antivirus definitions will intercept this virus and you can manually install the definitions by downloading them from here: http://www.cmu.edu/computing/security/latest/patches/Sym_ce_upd.exe

Once you've downloaded and installed the definitions update you will need to do a full scan of the computer.

Note that LiveUpdate will not be updated until the May 18th, thus the need to manually install and update the virus definitions.

Please contact the ISO if you have questions or need more info. Thanks!

- - - - - - - - - - - - - - - -

Jeff Pencosky

Information Security Office

Carnegie Mellon University

- --------------------------------------------

Departmental Computing Group Mailing List dept-computing-group@lists.andrew.cmu.edu

http://www.cmu.edu/computing/dept-computing

Questions? Contact Karen Van Dusen (kvd@andrew.cmu.edu)

- --------------------------------------------