Experts are warning that hackers have yet to activate the payload of the Conficker virus.

[Guest ~BD~]

Quote (BBC) :-

"Experts are warning that hackers have yet to activate the payload of

the Conficker virus.

 

The worm is spreading through low security networks, memory sticks, and

PCs without current security updates.

 

The malicious program - also known as Downadup or Kido - was first

discovered in October 2008.

 

Although the spread of the worm appears to be levelling off, there are

fears someone could easily take control of any and all of the 9.5m

infected PCs".

 

Ref: http://news.bbc.co.uk/2/hi/technology/7832652.stm

[Guest Shenan Stanley]

~BD~ wrote:<span style="color:blue">

> Quote (BBC) :-

> "Experts are warning that hackers have yet to activate the payload

> of the Conficker virus.

>

> The worm is spreading through low security networks, memory sticks,

> and PCs without current security updates.

>

> The malicious program - also known as Downadup or Kido - was first

> discovered in October 2008.

>

> Although the spread of the worm appears to be levelling off, there

> are fears someone could easily take control of any and all of the

> 9.5m infected PCs".

>

> Ref: http://news.bbc.co.uk/2/hi/technology/7832652.stm</span>

 

Something requested to be made public - slightly modified by me for

wording...

 

Reference material:

 

MS08-067

http://www.microsoft.com/technet/security/...n/ms08-067.mspx

Malicious Software Removal tool

http://www.microsoft.com/security/malwareremove/default.mspx

History: Win32/Conficker.B

http://www.microsoft.com/security/portal/E...n32/Conficker.B

 

 

Though systems which have already applied the out-of-band released

MS08-067 (http://www.microsoft.com/technet/security/...n/ms08-067.mspx)

in October 2008 are protected, unpatched system users have

experienced system lockout and other problems.

 

Last week, a version of the Malicious Software Removal tool

(http://www.microsoft.com/security/malwareremove/default.mspx)

(MSRT) was released that can help remove variants of

Win32/Conficker and other resources.

 

 

Some Background:

 

Win32/Conficker.B

(http://www.microsoft.com/security/portal/E...n32/Conficker.B)

exploits a vulnerability in the Windows Server service (SVCHOST.EXE)

for Windows 2000, Windows XP, Windows Vista, Windows Server 2003,

and Windows 2008. While Microsoft addressed this issue in October

with Microsoft Security Bulletin MS08-67

(http://www.microsoft.com/technet/security/...n/ms08-067.mspx),

and Forefront antivirus and OneCare (as well as other vendor's anti-virus

products) helped protect against infections, many systems that have not

been patched manually through Server Update Services and

Microsoft/Windows Update or through Automatic Updates have recently

come under attack by this worm. Attacked systems may lock out users,

disable update services and block access to security-related Web sites.

 

 

In response to this threat, Microsoft has:

 

Updated the January version of the MSRT to detect and remove

variants of Win32/Conficker.B. You can download this version from the

MSRT from either the Microsoft Update site

(http://www.update.microsoft.com/) or through its associated

Knowledge Base article (http://support.microsoft.com/kb/890830).

 

Created the KB article 962007 "Virus alert about the Win32/Conficker.B

worm (http://support.microsoft.com/kb/962007)" to provide public details

on the symptoms and removal methods available to address this issue.

 

Announced the release of the items and the virus threat itself on

the Microsoft Malware Protection Center blog

(http://blogs.technet.com/mmpc/archive/2009...nd-banload.aspx).

 

It is hoped that these resources can assist you in resolving issues with

unpatched, infected systems and that you can apply MS08-067

(http://www.microsoft.com/technet/security/...n/ms08-067.mspx) to

any other unpatched systems as soon as possible to avoid this threat.

 

--

Shenan Stanley

MS-MVP

--

How To Ask Questions The Smart Way

http://www.catb.org/~esr/faqs/smart-questions.html