UCSD
CAMPUS NOTICE
University of California, San Diego
 

OFFICE OF THE SENIOR VICE CHANCELLOR -
ACADEMIC AFFAIRS

OFFICE OF THE VICE CHANCELLOR -
BUSINESS AFFAIRS

August 12, 2005


ALL AT UCSD (Including UCSD Healthcare)

SUBJECT:    Blocking non-compliant computers from the UCSD network

On August 9, 2005, Microsoft issued a security bulletin listing several newly discovered critical vulnerabilities in Windows products. These vulnerabilities could expose UCSD and your own personal data if computers are not properly protected. Instead of waiting for an attack and then attempting to fix the damage, we must, therefore, make certain that each machine connected to the Internet and to the UCSD network is secure and protected.

Because of the newly disclosed risks, we immediately require everyone who uses the UCSD network to become compliant with the Minimum Network Security Standards which were issued in June 2004 and became effective on January 1, 2005. Users with vulnerable devices may find themselves blocked from the network with little or no warning in order to protect others. This will prevent such computers from accessing web sites, email, printers, and file servers.

Is your computer secure? A security audit completed today detected a large number of vulnerable machines on the network. If you do not know whether you are compliant, it is your responsibility to find out. Talk to your system administrator, departmental or divisional computing staff, or use the links below to secure your machine yourself. Linux, Unix, and Macintosh systems are not exempt. Users meeting the UCSD Minimum Network Security Standards should not be affected.

Administrative officials and system administrators are responsible for enforcing the Minimum Network Security Standards within their unit.

Vulnerable machines hurt everyone. Please help us keep our campus secure.

How to fix a vulnerable Microsoft computer:
http://www.microsoft.com/security/bulletins/200508.mspx

Technical details of Microsoft August 2005 Security Bulletin:
http://www.microsoft.com/technet/security/bulletin/ms05-aug.mspx

Minimum Network Security Standards overview:
http://blink.ucsd.edu/go/networkstandards

Minimum Network Security Standards overview: implementation guide:
http://www-no.ucsd.edu/security/minstds/impl.guide.html

Network Security assistance:
http://blink.ucsd.edu/go/networkresources

UCSD Network Security Policy:
http://adminrecords.ucsd.edu/PPM/docs/135-3.html

For technical assistance contact the ACS Helpdesk at userserv@ucsd.edu or (858) 534-1857.

For questions regarding the Network Security policy contact computingpolicies@ucsd.edu.

For questions regarding this message contact Charlotte Klock, Chair of the ACTPC Security Subcommittee, at cklock@ucsd.edu or (858) 822-1223.


David R. Miller
Acting Senior Vice Chancellor -
Academic Affairs

Steven W. Relyea
Vice Chancellor -
Business Affairs