zambavi
Guest
You may be hearing about a virus that is set to hit people on April 1st. This is true threat and you should read the below to verify all your systems... laptops & desktops.
Background
Conficker is a worm, also known as Kido or Downandup that exploits a vulnerability in Windows that Microsoft patched in October 2008
Conficker.B, detected in January, added the ability to spread through network shares and via removable storage devices, like USB drives, through the AutoRun function in Windows.
Conficker.C, which surfaced earlier I n March shuts down security services, blocks computers from connecting to security Web sites, and downloads a Trojan. It also reaches out to other infected computers via peer-to-peer networking and includes a list of 50,000 different domains, of which 500 will be contacted by the infected computer on April 1 to receive updated copies or other malware or instructions. Previous Conficker variants were written to connect to 250 domains a day.
What makes Conficker so unnerving is that at least once a day, each infected machine tries to connect sequentially with a list of 250 Internet domains for further instructions. Each day this list of 250 domains -- each one a potential command and control server -- changes.
Systems That May be Affected
Windows 2000, Windows Server 2003, Windows Vista, Windows XP.
(Please note that the legacy OS’s: Windows 95, Windows 98, Windows Me, Windows NT 3.5, Windows NT 4.0 do not offer any protection. )
Infection symptoms
The Conficker worm mostly spreads across networks. If it finds a vulnerable computer, it turns off the automatic backup service, deletes previous restore points, disables many security services, blocks access to a number of security web sites and opens infected machines to receive additional programs from the malware’s creator. The worm then tries to spread itself to other computers on the same network.
A. Check to see if patch KB958644 has been installed on my system?
If you are not sure if your system has Microsoft’s patch KB958644, you need to review your updates history on your system and look for this patch. To do so, follow these steps:
1. From your “Start” menu select Control Panel
2. A new window will open. Select “Add/Remove” Programs if running XP. Otherwise select “Programs and Features” if running Vista.
3. A new window will open with a list of programs currently installed on your system.
4. Click on “ View installed Updates” This will list all Microsoft updates installed on your system.
5. Scan through all the updates and search for a line with (KB958644)
6. If you find it, your system is appropriately patched
If you have been staying up with your Windows updates, then the patch should have been installed around 10/25/2008 or so.
Thought this would be good information to get out there.
Background
Conficker is a worm, also known as Kido or Downandup that exploits a vulnerability in Windows that Microsoft patched in October 2008
Conficker.B, detected in January, added the ability to spread through network shares and via removable storage devices, like USB drives, through the AutoRun function in Windows.
Conficker.C, which surfaced earlier I n March shuts down security services, blocks computers from connecting to security Web sites, and downloads a Trojan. It also reaches out to other infected computers via peer-to-peer networking and includes a list of 50,000 different domains, of which 500 will be contacted by the infected computer on April 1 to receive updated copies or other malware or instructions. Previous Conficker variants were written to connect to 250 domains a day.
What makes Conficker so unnerving is that at least once a day, each infected machine tries to connect sequentially with a list of 250 Internet domains for further instructions. Each day this list of 250 domains -- each one a potential command and control server -- changes.
Systems That May be Affected
Windows 2000, Windows Server 2003, Windows Vista, Windows XP.
(Please note that the legacy OS’s: Windows 95, Windows 98, Windows Me, Windows NT 3.5, Windows NT 4.0 do not offer any protection. )
Infection symptoms
The Conficker worm mostly spreads across networks. If it finds a vulnerable computer, it turns off the automatic backup service, deletes previous restore points, disables many security services, blocks access to a number of security web sites and opens infected machines to receive additional programs from the malware’s creator. The worm then tries to spread itself to other computers on the same network.
A. Check to see if patch KB958644 has been installed on my system?
If you are not sure if your system has Microsoft’s patch KB958644, you need to review your updates history on your system and look for this patch. To do so, follow these steps:
1. From your “Start” menu select Control Panel
2. A new window will open. Select “Add/Remove” Programs if running XP. Otherwise select “Programs and Features” if running Vista.
3. A new window will open with a list of programs currently installed on your system.
4. Click on “ View installed Updates” This will list all Microsoft updates installed on your system.
5. Scan through all the updates and search for a line with (KB958644)
6. If you find it, your system is appropriately patched
If you have been staying up with your Windows updates, then the patch should have been installed around 10/25/2008 or so.
Thought this would be good information to get out there.
