Conficker Worm News

Conficker Removal Tool

According to the Internet Storm Center, which tracks virus infections and Internet attacks, Conficker can spread in three ways.

First, it attacks a vulnerability in the Microsoft Server service. Computers without the October patch can be remotely attacked and taken over.

Second, Conficker can attempt to guess or ‘brute force’ Administrator passwords used by local networks and spread through network shares.

And third, the worm infects removable devices and network shares with an autorun file that executes as soon as a USB drive or other infected device is connected to a victim PC.

Conficker and other worms are typically of most concern to businesses that don’t regularly update the desktops and servers in their networks. Once one computer in a network is infected, it often has ready access to other vulnerable computers in that network and can spread rapidly.

[Excerpt from Erik Larkin, PC World]

Home computers, on the other hand, are usually protected by a firewall and are less at risk. However, a home network can suffer as well. For example, a laptop might pick up the worm from a company network and launch attacks at home.

The most critical and obvious protection is to make sure the Microsoft patch is applied. Network administrators can also use a blocklist provided by F-Secure to try and stop the worm’s attempts to connect to Web sites.

Leave a Reply

You must be logged in to post a comment.