Since mid August, DIS technical personnel are seeing widespread worm and virus activity on the state network primarily due to the "Blaster" and "Welchia" worms otherwise known as:
WORM_MSBLAST.A (W32/Lovsan.worm, W32/Blaster-A, W32.Blaster.Worm, Worm.Win32.Lovesan) and it's variants WORM_MSBLAST.D (W32.Welchia.Worm, W32.Nachi.worm, Win32.Nachi.Worm, Welchia, W32/Nachi-A).
For more information regarding MSBLAST as described in Microsoft bullentins, please see:
http://www.microsoft.com/security/incident/blast.asp. Also see http://www.dis.state.ar.us/, select link to "Worm Removal".
DIS personnel have been and continue to contact the schools who have reported infections, and need each school's immediate attention to seeing that the district's computers are properly cleaned and patched.
Please see to it that each school district has representation on our statewide conference call for APSCN /K-12 sites on Wednesday, September 10th, at 10:00 am central time. Advice and technical assistance in knowing if devices are infected and guidance on how to cleanse and patch devices to stop the worm and virus from spreading throughout both your network and to other vulnerable machines on the state network will be provided.
Dial in number for the conference call is: (734)414-0267, and participant code is 787175.
Other statewide conference calls will be held Tuesday, September 9th at 2:00 PM (for State Agencies) and Thursday, September 11 at 10:00 AM (for Higher Education).
Please make an effort to participate in this call because DIS will review router activity logs again on Monday, September 15th, and sites with active infections will be disabled from state network access.