SECURITY ADVISORY: Malicious DVDs Sent Through Mail
(US Eastern Time)
DATE: June 19, 2012
WHOM DOES THIS AFFECT?
Students, faculty and staff members
Several universities have recently reported that members of their communities have received malicious DVDs through the mail. The mail indicates that there is a possible security issue and includes a DVD with alleged details on the security issue. In reality, the DVD contains malware. Reports indicate that this malware is not being recognized by antivirus software.
WHAT YOU NEED TO DO:
If you receive an unexpected DVD in the mail indicating a possible security issue:
1. DO NOT insert the DVD into your computer.
2. Contact the Computing Services Help Center, your departmental computing administrator or your DSP consultant.
As a general best practice, users should ensure that AutoPlay and AutoRun functionality is disabled on their computers.
Note: Windows computers managed by DSP already have the AutoRun feature disabled.
For Microsoft Windows users:
1. Select Control Panel > Hardware and Sound > AutoPlay
2. Adjust settings so that AutoPlay is disabled.
For Apple OSX users, AutoRun is not a feature. However, users can review AutoPlay features for music, photo and video media:
1. Select Apple > System Preferences > CDs & DVDs
2. Adjust your settings so that CDs and DVDs do not automatically play.
Please direct any questions or comments to the Computing Services Help Center (412-268-HELP or firstname.lastname@example.org) or to your departmental administrator or DSP consultant.