The university sent an email to all students, faculty, and staff yesterday warning of a vulnerability to Symantec Endpoint Protection and other Symantec security systems that could cause computers to be infected with a malicious code.

Penn State is advising all students, faculty, and staff to keep their Symantec Endpoint Protection up to date with the most recent version to offer the best chance of keeping university-owned computers from being infected. Personal computers can be vulnerable as well, so even though the Penn State sent the warning with university-owned machines in mind it’s also a good minder to check that your computer is up to date and secure.

The Symantec vulnerability is systematic and is anticipated to impact users globally. Unlike most viruses which require users to click a sketchy link or open an infected email, the Symantec virus can take over a computer when the system runs regular antivirus scans.

Penn State offered suggestions for both operating systems for users with and without administrative rights (meaning you can make changes to the computer yourself, things like downloading Chrome or updating an app). From the email:

Mac users with administrative rights:
Students, faculty, and staff members who have administrative rights to their Mac computers need to have “LiveUpdate” turned on in order for Symantec Endpoint Protection to automatically mitigate the vulnerability.

Windows users with administrative rights:
Students, faculty, and staff members who have administrative rights to their Windows-based computers can download and install the new version of Symantec Endpoint Protection by visiting downloads.its.psu.edu. Instructions for downloading and installing the new version of the software are also available.

Mac and Windows users without administrative rights:
Students, faculty, and staff members without administrative rights to their Mac or Windows-based computers will need to contact their local IT support.

Penn State IT is working with the Office of Information Security to warn students, faculty, and staff and mitigate risks. Anyone with questions is encouraged to reach out to either entity. You can get a hold of IT by calling 814-865-4357 or emailing [email protected].

This a year after the university announced that both the College of Engineering and the College of The Liberal Arts were victims of a systematic cyberattack that compromised users’ information in both colleges. Penn State has since rolled out two-factor authentication (2FA) to faculty and staff and is planning to get students initiated as well come fall.