Some campus computers, including those belonging to students in residence halls, may be kicked off the network this evening.

The discovery of a new vulnerability in the Microsoft Windows operating system has the Center for Computing and Information Technology taking steps to secure the campus network.

The vulnerability is not a virus but a flaw in Windows that could be used by a virus or hacker to break into and infect computers.

The vulnerability is similar to the one used by the Blaster Worm that hit the university network on Aug. 11, said Edward Frohling, head of CCIT's Security Incident Response Team.

The Blaster Worm was a virus that compromised many computers on campus and around the world last month. It was the fastest spreading virus ever recorded.

The latest discovery of a flaw in Windows had not caused a virus problem for the university as of yesterday.

"We have not seen this thing active yet," said Frohling.

A memo sent out by Security Incident Response Team member Bob Lancaster said the security flaw could be used by an attacker to gain complete control over an affected computer through the Internet.

A scan performed by CCIT showed that approximately 3,700 computers on campus were still vulnerable as of yesterday morning, according to Frohling.

An update that will fix this vulnerability in Windows can be downloaded for free from the Microsoft Web site.

To reduce the possibility of this security flaw affecting the campus network, Frohling said, "We are going to take some positive action and block machines from accessing the network."

Though the block is planned to occur this evening, it could happen sooner if the vulnerability is exploited by an attacker or a virus.

Blocked computers will be able to regain access to the network after they are updated with the fix from Microsoft's Web site.

Someone wanting to exploit this new vulnerability could use techniques similar to those used for the Blaster Worm, said Frohling.

He also said the tools needed to exploit this vulnerability were already out on some hacker Web sites as early as Thursday or Friday of last week.

This flaw affects Windows versions NT 4.0, 2000, and Server 2003, but is not present in Windows versions Me, 98, and 95, according to Microsoft's Web site.