Hi Folk,
Great to see you all.
Tomorrow is April 1and there is a peril of Win32/Conficker worm. Here is my findings when fiddling with this topic.
Win32/Conficker is a worm that infects other computers across a network by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE). If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is enabled. Depending on the specific variant, it may also spread via removable drives and by exploiting weak passwords. It disables several important system services and security products and downloads arbitrary files.
Microsoft Malware Protection Center (MMPC) has identified the following variants of Win32/Conficker:
- Worm:Win32/Conficker.A: identified by the MMPC on November 21, 2008
- Worm:Win32/Conficker.B: identified by the MMPC on December 29, 2008
- Worm:Win32/Conficker.C: identified by the MMPC on February 20, 2009*
- Worm:Win32/Conficker.D: identified by the MMPC on March 4, 2009**
| *Also known as Conficker B++ | |
| **Also known as Conficker.C and Downadup.C |
More information on this can be obtained from MS site.
The following MS links talks about the solution by applying the following patch updates.
These patches are released December’08 and January’09. Desktop Central customers would have already applied the patches. You can ensure this from Desktop Central Server web console -> Patch Management -> Missing Patches. Use the search feature to check the KB articles and know the status of your network.
You have the provision to install the patches from the search result of missing patches. Patch your network using Desktop Central and get protected from conficker worm.
cheers
Romanus
I wouldn’t be totally surprised if the Conficker worm turned out to be an “April Fool’s Joke,” but of course doing nothing still isn’t worth the risk