Saturday, April 11, 2009

Conficker Worm Panic Scare!

Update - April 10, 2009

Since conficker worm is coming on April 1, you might want to arm yourself with knowledge on how to get rid and protect yourself from it, below are some information about conficker worm from Microsoft website, also note that Microsoft have patched the vulnerability exploited by Conficker worm way back in October, so if your using genuine Microsoft Windows product you should be fully patched and should be safe from being infected over the net, provided you have auto update turned on and installed the patch, check out KB958644 for more info on the update, if your using pirated Windows I would suggest you start scanning your machine follow the instruction here and see information below symptoms of infection.
  • Account lockout policies are being tripped.
  • Automatic Updates, Background Intelligent Transfer Service (BITS), Windows Defender, and Error Reporting Services are disabled.
  • Domain controllers respond slowly to client requests.
  • The network is congested.
  • Various security-related Web sites cannot be accessed.

What is Conficker worm:

The Conficker worm is a computer worm that can infect your computer and spread itself to other computers across a network automatically, without human interaction.


Am I at risk of having the Conficker worm?

Most antivirus software could detect and block the Conficker worm, so if you have updated antivirus software on your computer, you are at a much lower risk of being infected by the Conficker worm, if for some reason you believe your infected by Conficker worm just follow the 10 Easy Steps Virus and Malware Removal


What does the Conficker worm do?

To date, security researchers have discovered two variants of the worm in the wild

  • Win32/Conficker.A was reported to Microsoft on November 21, 2008.
  • Win32/Conficker.B was reported to Microsoft on December 29, 2008.
  • Win32/Conficker.C was reported to Microsoft on February 20, 2009.
  • Win32/Conficker.D was reported to Microsoft on March 4, 2009.

Win32/Conficker.B might spread through file sharing and via removable drives, such as USB drives (also known as thumb drives). The worm adds a file to the removable drive so that when the drive is used, the AutoPlay dialog will show one additional option

Source:

http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx
http://support.microsoft.com/default.aspx/kb/962007


Update April 9, 2009

Worm:Win32/Conficker.E: identified by the MMPC on April 8, 2009

Also Known As:

Win32/Conficker.worm.119296 (AhnLab)
Win32.Worm.Downadup.A (BitDefender)
Win32/Conficker.A (CA)
W32/Conficker.G (Authentium (Command))
Win32/Conficker.AQ (ESET)
Trojan-Dropper.Win32.Kido.o (Kaspersky)
Net-Worm.Win32.Kido.js (Kaspersky)
W32/Conficker.worm.gen.d (McAfee)
W32/Confick-D (Sophos)
W32.Downadup (Symantec)
Trojan.DR.Kido.CE (VirusBuster)

Summary

Worm:Win32/Conficker.E is detection for a variant of Win32/Conficker and is already identified by current signatures. Conficker.E infects other computers across a network by exploiting a vulnerability in the Windows Server service (srvsvc). If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is enabled. Conficker.E is installed by previous variants of Win32/Conficker. This variant will self-terminate on May 3 2009.
Microsoft strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.
Microsoft also recommends that users ensure that their network passwords are strong to prevent this worm from spreading via weak administrator passwords. More information is available here.



1 comment:

coffee maker said...

only a little while now until Conficker is supposed to take effect... hopefully people have already found whatever fixes they needed to find

For suggestion and concerns E-mail