Skip to main content

ALERT! : Conficker Worm

Image
By
National Cyber Alert System

Technical Cyber Security Alert TA09-088A


Conficker Worm Targets Microsoft Windows Systems

Original release date: March 29, 2009
Last revised: March 30, 2009
Source: US-CERT


Systems Affected

* Microsoft Windows


Overview

US-CERT is aware of public reports indicating a widespread
infection of the Conficker/Downadup worm, which can infect a
Microsoft Windows system from a thumb drive, a network share, or
directly across a corporate network, if the network servers are not
patched with the MS08-067 patch from Microsoft.


I. Description

Home users can apply a simple test for the presence of a
Conficker/Downadup infection on their home computers. The presence
of a Conficker/Downadup infection may be detected if a user is
unable to surf to their security solution website or if they are
unable to connect to the websites, by downloading detection/removal
tools available free from those sites:

* http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp_link_conficker_worm
* http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx
* http://www.mcafee.com

If a user is unable to reach any of these websites, it may indicate
a Conficker/Downadup infection. The most recent variant of
Conficker/Downadup interferes with queries for these sites,
preventing a user from visiting them. If a Conficker/Downadup
infection is suspected, the system or computer should be removed
from the network or unplugged from the Internet - in the case for
home users.


II. Impact

A remote, unauthenticated attacker could execute arbitrary code on
a vulnerable system.


III. Solution

Instructions, support and more information on how to manually
remove a Conficker/Downadup infection from a system have been
published by major security vendors. Please see below for a few of
those sites. Each of these vendors offers free tools that can
verify the presence of a Conficker/Downadup infection and remove
the worm:

Symantec:
http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-011316-0247-99

Microsoft:
http://support.microsoft.com/kb/962007

http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx

Microsoft PC Safety hotline at 1-866-PCSAFETY, for assistance.

US-CERT encourages users to prevent a Conficker/Downadup infection by
ensuring all systems have the MS08-067 patch (see
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx),
disabling AutoRun functionality (see
http://www.us-cert.gov/cas/techalerts/TA09-020A.html), and
maintaining up-to-date anti-virus software.


IV. References

* Microsoft Windows Does Not Disable AutoRun Properly -
http://www.us-cert.gov/cas/techalerts/TA09-020A.htm

* Virus alert about the Win32/Conficker.B worm -
http://support.microsoft.com/kb/962007

* Microsoft Security Bulletin MS08-067 - Critical -
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx


* MS08-067: Vulnerability in Server service could allow remote code
execution -
http://support.microsoft.com/kb/958644

* The Conficker Worm -
http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm

* W32/Conficker.worm -
http://us.mcafee.com/root/campaign.asp?cid=54857

* W32.Downadup Removal Tool -
http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-011316-0247-99

Comments

  1. nalinigabeMarch 3, 2022 at 11:53 PM

    Casinos Near Foxwoods Resort Casino - Mapyro
    Find the best casinos near Foxwoods Resort Casino 김포 출장안마 in 군산 출장안마 Foxwoods, MS with Mapyro. Use our map 고양 출장샵 to pick the best casinos to 군포 출장안마 visit near Foxwoods Resort 부산광역 출장안마 Casino

    ReplyDelete

Post a Comment

Popular posts from this blog

My Carboxy Stretchmark Treatment and Slimming Wrap experience at Total Skin Care Center

By
I've been googling around about this new treatment being introduced and implemented lately that is called Carboxytherapy that helps to reduce fats, cellulites deposits & even skin stretchmarks in our body.  ===================================== ======================================= According to this site : http://www.carboxytherapy.com/ Carboxytherapy refers to the cutaneous and subcutaneous administration of carbon dioxide gas [CO2] for therapeutic purposes. Carboxytherapy originated at the Royal Spas of France in 1932 with the treatment of patients afflicted by peripheral arterial occlusive disease. In South America and Europe, carbon dioxide therapy has been applied to the treatment of stretch marks, cellulite, and hypertrophic scars with impressive results. Studies have demonstrated that carboxytherapy improves skin elasticity, improves circulation, encourages collagen repair, improves the appearance of fine lines and wrinkles, and destroys localized fatty depos...
14 comments
Read more

MS SQL commands for inserting country list in database

By
I was having a hard time to find a database with complete set of country list and its corresponding nationalities... Although I found some but probably they are for sale... and you need to buy it (>. So what I've only got (from web surfing / researching) was a text file of country list plus their nationalities. So I don't have any option, so I've created a MS SQL query commands that inserts all 192 countries in a database..by just creating a new script , I mean I coded it into an MS SQL queries that inserts into a table(so you won't need to type it (^.~) ). Here is the instructions : 1) Download or copy the Query / Scripts I provided. INSERT INTO COUNTRY([NAME] , NATIONALITY ) values('Afghanistan', 'Afghan') INSERT INTO COUNTRY([NAME] , NATIONALITY ) values('Albania', 'Albanian') INSERT INTO COUNTRY([NAME] , NATIONALITY ) values('Algeria', 'Algerian') INSERT INTO COUNTRY([NAME] , NATIONALITY ) values('Andorra', ...
Post a Comment
Read more