The network status page for the university was updated earlier on today to state that the "virus is only prevalent in machines running Vista SP2", and as a result they brought the network offline to limit any further spread. They were also advising that anyone with a Vista machine, either a public machine or a laptop, should not connect to the network until further notice.
Since then, the status page now shows that certain areas of the network are now running and are slowly being brought online - but still avoiding machines which are susceptible to the exploit.
Internal network users would have had no access to the web or email, however off-campus users can now use the dedicated student portal, the Outlook Web Access email system and VPN capabilities. The virtual learning environment (VLE) was brought offline which means students and learners will have had no electronic access to their study materials. Even phone systems which rely on VoIP technology had been affected and were disconnected from the network.
Student residences and halls of residence are still currently offline but this will be one of the priorities, yet most of the network has now been restored. David Allen, registrar and deputy chief executive of the university, has assured students that any delay to handing in work will be treated sympathetically and will have "arranged short term extensions... as appropriate".
Other campuses of the university and connecting networks have been isolated, removing the branch office element and cutting campuses off from each other to limit further damage.
An internal email from the network security administration has been quoted as saying, "This is what happens when SUS [software update service] admins don't auto-approve", suggesting someone managing the network updates hadn't patched the exploitable computers with the appropriate fix, leading to this issue.
The virus is believed to have come from inside the network according to my source; whether via a student PC or a staff PC is not yet known. Other networks which connect to the Exeter network, such as external colleges and campuses have been patched and are "using nmap'ping the network for Vista machines to stop them accessing the network".
Whether anything was stolen or hacked as a result of this breach is unknown.
Vista has seemed to live to die another day, and maybe for Exeter, this day will be sooner rather than later. However, universities and institutions are stuck with Vista if they have already upgraded due to compatibility issues and the lack of support available now for XP. After the disruption caused to staff and students as a result of this breach, not to mention the money lost, I wouldn't blame them if they thought an immediate upgrade to Windows 7 or even another operating system would be a wise investment.