Sendtogroup News, SF pw:Pacific#1 Pac IT Pros: USB Exploit
Hello my dear friends on Micronet,
I got an interesting note from a professional group I belong to and thought it was prudent to pass it along as it not only affects windows machines, but Macs and virtual machines on VMWare as well. Please read and enjoy!
Facility Services IT
University of California, Berkeley
2000 Carleton St., Room 240
Berkeley, CA 94720
Office: (510) 643-5523
Pac IT Pros members: You should be aware of a USB exploit which affects all versions of Windows or if auto-play has been disabled. It does not matter if the machine is locked, at a login prompt or has just beenpowered on rebooted. All an attacker has to do is plug in a USB stick with the malware and they will have access to the machine with elevated privileges.The attack is effective against physical machines and virtual machines (with pass through USB support) even if they are running on VMware or a Mac
There are two fixes. Disable USB ports in the BIOS, (not through a Group Policy) of all computers or apply patchMS13-027. (This is an auto-update patch). Until updatedall version of Windows are susceptible to this attack.
Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.