Information Security Advisory
ITS Security Office – BGSU  7/21/2010 - Updated 7/29/10 3:45PM

Malicious link sent via Instant Messenger. DO NOT CLICK ON INCLUDED LINKS!

Systems Affected
All BGSU Windows users using Instant Messenger.

Overview
There are recent reports of an instant messenger from a known user that requests to click on a link. 

Below is an example of the IM message:

DO NOT CLICK ON ANY INCLUDED LINKS!

Impact

Clicking on the link can lead to system compromise. If you believe your system has been infected, please contact the Technology Support Center (TSC) at 2-0999.

Recommendations
McAfee released DAT update on 7/27/10 that detects this infection as Generic.dx!tfh. See information below. Keep anti-virus protection updated!

Additional Information
Yahoo Instant Messenger Worm - University of California - 7/21/10
McAfee - Generic.dx!tfh information


DISCLAIMER:   Information Security Advisories and related resources provide technical and administrative advice to protect sensitive information on the University network and to help BGSU comply with regulations pertaining to information security.  Failure to comply with these advisories may directly or indirectly increase the risk of exposure or compromise of sensitive University information.  These advisories and resources do not provide legal advice – contact the BGSU Office of General Counsel or other appropriate legal advisor for interpretations of regulations.