[IGPP Everyone] [EPSS Everyone] Critical Windows Vulnerability

[SALYARDS, STEPHEN]

Greetings,
  A quick word to comment on the most recent possible compromise of the Windows Operating system. If you do not run Windows you can breath your sigh of relief.

There is a new piece of malware circulating called DoublePulsar. It spreads across the network and infects Windows operating systems including Windows Servers. From what I have read all versions of Windows back to XP can be infected. This is not something you get by opening an infected email.

First, we block the protocol that is used by the malware to spread in the EPSS firewall. That is only partial protection as someone with a laptop could become infected outside the department and bring it into our network.

The good news is that Microsoft released a patch for this vulnerability about a month ago. If you have run Windows Updates in the last month you should be protected. If you have not do so now! But I should not have to say that since I know you all update and backup your machines regularly.

I am still trying to get up to speed on this malware but because of the rapid spread of this bug and the critical nature I wanted to get an initial warning out to you ASAP.

One final note: If you are running an old version of Windows, such as my favorite XP, no patch may be available. Options are to install a machine firewall and be sure port 445 is blocked or to upgrade your OS to one that is supported.

Thanks
Steve
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.igpp.ucla.edu/pipermail/everyone/attachments/20170426/0db893c5/attachment.html>
-------------- next part --------------
_______________________________________________
Everyone mailing list
Everyone at dept.epss.ucla.edu
http://dept.ess.ucla.edu/mailman/listinfo/everyone