Community
Downadup aka Conficker is a rather nasty worm which attacks a vulnerability in Microsoft Windows. The infection rate is going through the roof according to researchers at F-Secure.
The figures are sobering with 6.5 million new infections in four days, although some security experts are questioning the figures.
Microsoft did release an emergency patch around three months ago but as you might expect - around a third of Windows machines haven't had it applied yet. To add to the problem, some researchers believe compromised PCs are unable to receive Microsoft updates, thus Microsoft's malicious software removal tool is unlikely to be very effective in combatting it.
The worm spreads via a number of mechanisms including USB memory sticks via a sneaky social engineering ruse and does an excellent job of protecting itself, so once the malware gets inside a corporate network, it can be unusually difficult to remove completely.
It protects itself by making sure it restarts early on when Windows boots up. It also changes access rights to infected files and registry keys so the user can't touch them and disables a number of services. It also blocks access to a number of domains relating to security matters to further hinder the user. In fact it seems to do quite a lot.
More about the worm from F-Secure and The Register.
So. If you're running Windows, is your machine patched and up to date?
Microsoft Security Bulletin
Updated 20/01/2009
It's still spreading - but as yet there's no obvious malicious payload - possibly the miscreants have left it too late now the eyes of the world are upon them. There is always the chance however that someone else will tap into it for malicious purposes.
The Register are reporting that the MoD are having problems - possibly related?
And hospitals in Sheffield are infected after automatic updates were disabled. This seemingly barmy management decision was made after problems were experienced with PCs in operating theatres rebooting themselves. Well, durrr.
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Nkiru Uwaje Chief Operating Officer at Mansa
12 September
Dirk Labuschagne Chief Information Security Officer at Direct Transact
Alexander Boehm Chief Executive Officer at PayRate42
Hugo Chamberlain COO at smartKYC
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.