coe-staff: FW: deptcomp: WannaCry update: Action required by 5pm TODAY (Tuesday, May 16)
Jeff Woodbury
jeffreyw at uoregon.edu
Tue May 16 07:21:47 PDT 2017
All,
If you have not yet been able to run Windows updates and have successfully restarted your computer, please do so today (5/16) by 5:00 pm.
UO Information Services is taking this threat very seriously and will temporarily remove network access from vulnerable Windows computers on the campus network after 5:00 pm today. Please read the details below.
If your computer is up to date in regards to critical updates, then your computer is no longer vulnerable to this WannaCrypt ransomeware.
If you have any questions, please contact COEIT at coe-support at ithelp.uoregon.edu<mailto:coe-support at ithelp.uoregon.edu>, or send us a ticket at https://coehelp.uoregon.edu/
jeff
From: deptcomp-bounces at lists.uoregon.edu [mailto:deptcomp-bounces at lists.uoregon.edu] On Behalf Of Technology Service Desk
Sent: Monday, May 15, 2017 4:54 PM
To: Departmental Computing <deptcomp at lists.uoregon.edu>
Subject: deptcomp: WannaCry update: Action required by 5pm TOMORROW (Tuesday, May 16)
Importance: High
WannaCry ransomeware: Action required
***Please update vulnerable Windows computers by 5:00pm tomorrow (Tuesday, May 16).***
Windows computers that are not up to date on Microsoft security update MS17-010 at that time will be temporarily disconnected from the UO network by the UO Information Security Office.
If this happens to a machine you support, you can restore its network access by performing Windows updates on it.
An extreme threat
The threat of the WannaCry ransomeware is extreme, as you may know:
https://www.nytimes.com/2017/05/12/world/europe/uk-national-health-service-cyberattack.html
Although you may have read that last week's version of WannaCry was stopped over the weekend by a built-in "kill switch," a version without the kill switch is now spreading.
Just one infected computer on the UO network puts all vulnerable computers at risk of infection by this ransomware, which encrypts files on infected computers, demanding payment in bitcoins to deliver the decryption key.
Action items for you
* Deploy Microsoft Windows Updates immediately, and no later than 5:00pm tomorrow (Tuesday, May 16).
* Disable SMBv1 on clients and servers that do not have a business need for it. (Information Security Office staff are happy to answer technical questions about the nuts and bolts of this process)
* Help educate users on the importance of maintaining backups somewhere other than on their computers, and on the risks of opening email attachments from unknown senders and.
The Information Security Office continues notifying departmental IT staff of machines in their departments that are vulnerable to network propagation of this threat, and will notify them again tomorrow before 5:00pm.
For mobile computers connected to the wireless network that have been confirmed as vulnerable, our standard quarantining process will continue to be applied.
If you have any questions, please contact the Technology Service Desk. You can reach us until 7pm tonight at 541-346-4357 and techdesk at uoregon.edu<mailto:techdesk at uoregon.edu>, then again tomorrow (Tuesday) morning at 8am.
UO Technology Service Desk
Information Services
541-346-HELP
techdesk at uoregon.edu<mailto:techdesk at uoregon.edu>
facebook.com/UOTechDesk | twitter.com/UOTechDesk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists-prod.uoregon.edu/pipermail/coe-staff/attachments/20170516/b6cdb448/attachment.html>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ATT00001.txt
URL: <http://lists-prod.uoregon.edu/pipermail/coe-staff/attachments/20170516/b6cdb448/attachment.txt>
More information about the coe-staff
mailing list