The following message was sent to all AU Faculty and Staff on April 16, 2010:
On March 4, 2010, OIT's Deputy CIO sent out a message about a virulent surge of computer viruses that target stealing of personal information (link to original message). The surge of activity has not relented. When a workstation is infected with one of these viruses, the only reliable course of action is to completely wipe and rebuild the system. This is an inconvenience for you and one that we would like to help you avoid.
Recent virus activities have been primarily focused on exploiting Adobe Flash Player. We have identified 1,682 systems running vulnerable versions of this targeted application. In response, we have tested the critical patch and successfully installed it on 482 workstations in our community. The patch is small, installs quickly, and does not require a reboot of the system. Note, however, the next time you reboot the system; you will receive a message saying your Adobe Flash Player has been upgraded.
What does this mean to me?
We are asking that you download the patch to fix the vulnerability before Friday, April 23rd.
The patch is available for download on the my.american.edu portal. To download the patch, please:
Click on the TECHNOLOGY link on the right side of the page.
Then, click the DOWNLOAD SOFTWARE link under your Personalized Links.
Look for the patch listed under the Critical Security Patch heading.
Click the ADOBE FLASH PLAYER PATCH link and follow the on screen instructions.
After Friday, April 23rd, we will automatically install the patch on the remaining vulnerable systems to protect them from this virulent virus. If you have any questions please call the Help Desk at 202-885-2550 or firstname.lastname@example.org.
Cathy Hubbs, CISSP, CISA, CGEIT
Chief Information Security Officer
Office of Information Technology