Saturday, January 17, 2009
Beware of Conficker!
Microsoft has issued the following warning about this worm, which has infected nearly 9 million machines:
Back on Oct. 23, 2008, Microsoft released a critical security update for Windows: MS08-067. Isolated attacks existed at the time of the bulletin release and in our blog we strongly recommended installing the security update as quickly as possible. Later, a few trojans that exploit this vulnerability were found and a month from the release of the bulletin we blogged again, this time about the first worm which exploited that vulnerability: Win32/Conficker (here and then here).
Over the last couple of weeks, a new variant of this worm has been affecting customers. We detect it as Worm:Win32/Conficker.B. In addition to exploiting MS08-067, this variant also uses other propagation methods; it tries to copy itself to network shares by guessing their passwords. If the password is weak, it may succeed. It also tries to spread via removable media.
To read the Symantec report, go to http://www.symantec.com/security_response/writeup.jsp?docid=2008-123015-3826-99
UPDATE: The Associated Press says that this worm may be a dud, and while it spread quickly, may not be as much of a threat as originally feared.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment