On August 29, the campus vulnerability scanner will be updated to determine whether the patch for Microsoft vulnerability MS06-040 has been applied. This vulnerability could allow an attacker to gain complete control over the vulnerable system. Computers running vulnerable operating systems and found to be missing the patch will not be permitted to connect to the campus network and will be redirected to remediation information.

Brief description
There is a remote code execution vulnerability in Server Service that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.

Resources

• http://www.microsoft.com/technet/security/bulletin/ms06-040.mspx

Protecting Your Computer

• Install and run an anti-virus program on your computer.
• Apply anti-virus updates as they are made available by your anti-virus vendor.
• Scan your computer for vulnerabilities and infections by visiting http://selfscan.ucdavis.edu.
• Visit the Computer and Network Security Web site for practical information to help you protect your computer.

Questions? Contact the IT Express Computing Help Desk at (530) 754-HELP or ithelp@ucdavis.edu.