Saturday, January 17, 2009

Downadup worm infections soar

As of yesterday, the Downadup worm (also known as Conficker or Kido) is reported to have infected an estimated 8,976,038 computers worldwide, and the infections appear to be speeding up.
The worm spreads via a Microsoft vulnerability that was addressed back in October. "Either Security Update MS08-067 was not installed at all or was not installed on all the computers," a pair of security researchers who work at Microsoft said Tuesday. Microsoft advises that if you do not already have the emergency update, you download it. They are also offering a free Malicious Software Removal Tool.

What exactly does this worm do? It potentially exposes PCs to hijacking, which in turn could cause a loss of personal information such as user names, passwords and even banking information. It appears to be infecting networks (mostly businesses). If you are cleaning up an infection, start at the server; every PC on the network will then need to be fully cleaned. Make sure that your antivirus software is up to date, and disable Autoplay *and* Autorun functionality if possible. Downadup spreads itself via network shares and removable storage devices such as USB memory. It also attempts to brute-force account passwords, so make sure that your administrator accounts are secure and use strong passwords.

Downadup uses random extensions for some of its components, so you'll need to scan all file types on the system once you have disinfected it. Downadup also disables connectivity to a large number of security sites and update channels, as well as Microsoft Updates. You should confirm that these connections are reestablished once the computer is clean.
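One way to run that last check after cleanup, as an added example that is not part of the original post: it probes update hosts alongside unrelated control hosts, so a selective failure can be told apart from a machine that is simply offline. The host lists, port and function names are assumptions chosen for this sketch; substitute the update and antivirus hosts your machines actually use.

```python
import socket

# Assumed sample hosts (not from the article); replace with your own list.
SECURITY_HOSTS = ["update.microsoft.com", "windowsupdate.microsoft.com",
                  "www.microsoft.com"]
# Control names unrelated to security vendors (reserved example domains).
CONTROL_HOSTS = ["example.com", "example.org"]


def tcp_probe(host, port=443, timeout=5.0):
    """Return True if the name resolves and a TCP connection succeeds."""
    with socket.create_connection((host, port), timeout=timeout):
        return True


def probe_all(hosts, probe):
    """Map each host to True (reachable) or False (lookup or connect failed)."""
    results = {}
    for host in hosts:
        try:
            results[host] = bool(probe(host))
        except OSError:  # covers DNS failures, refusals and timeouts
            results[host] = False
    return results


def check_connectivity(probe=tcp_probe, security_hosts=SECURITY_HOSTS,
                       control_hosts=CONTROL_HOSTS):
    """Classify reachability of security/update hosts after cleanup.

    'ok'           - every security/update host is reachable
    'selective'    - a control host is reachable but some security hosts are
                     not: connectivity to those sites is still disabled
    'inconclusive' - no control host is reachable either, so the failure
                     cannot be attributed to anything specific
    """
    security = probe_all(security_hosts, probe)
    control = probe_all(control_hosts, probe)
    blocked = sorted(h for h, ok in security.items() if not ok)
    if not blocked:
        return "ok", blocked
    if any(control.values()):
        return "selective", blocked
    return "inconclusive", blocked


if __name__ == "__main__":
    verdict, blocked = check_connectivity()
    print(verdict, blocked)
```

A `selective` verdict on a machine that was supposedly cleaned means it should be rescanned before it goes back on the network.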

Operating systems that are affected:
Windows 2000 SP4
Windows XP SP2
Windows XP SP3
Windows XP Professional X64 Edition
Windows XP Professional X64 Edition SP2
Windows Server 2003 SP1
Windows Server 2003 SP2
Windows Server 2003 X64 Edition
Windows Server 2003 X64 Edition SP2
Windows Server 2003 with SP1 Itanium-based Systems
Windows Server 2003 with SP2 Itanium-based Systems

Almost every infected machine is using Windows XP as the operating system.
