Although this particular threat poses no threat to schools or colleges, it has become clear the attack occurred by using an inherent weakness in all versions of Internet Explorer. As a result, Microsoft have issued a security warning.
(http://www.microsoft.com/technet/security/advisory/979352.mspx)
Unfortunately, this weakness in Internet Explorer has now been released on the internet – which means other threats will be written. This does pose a potential risk to schools and colleges.
There is no solution to this threat until Microsoft release a fix, however McAfee have released a number of guidelines;
1. Ensure that your McAfee antivirus/antimalware is up to date with a .DAT file 5862 or greater.
2. Run a full system scan on your system or each system if your .DAT files were not at this level.
3. Turn your Microsoft Internet Explorer browser settings to HIGH and restrict browsing to known sites until Microsoft provides a patch for the Internet Explorer exploit. (Although this will prevent the threat, it will also stop a number of websites working correctly)
4. Enable Artemis, McAfee’s real-time file reputation engine which protects against known, new, and emerging threats, on your endpoint products. If you do not know how to do this, please visit the McAfee Knowledge Base at https://kc.mcafee.com to access a video tutorial and KB articles.
5. If you have the capability to log all outbound Web requests, do so for future forensics.
At this time, McAfee have raised the global threat condition to ‘Critical’ and EIS recommend all security systems are set to ‘High security’.
McAfee have released an Aurora Stinger and is available here
<http://download.nai.com/products/mcafee-avert/aurora_stinger.exe>.
<http://download.nai.com/products/mcafee-avert/aurora_stinger.exe>.
