December 1, 2009

How Protect your Windows Computer from Conficker Worm

Many of you must have come across this new worm/virus named Conficker as of now. Those who have not come across Conficker so far, here are the details.

Security researchers have determined that the virus is expected to go “live” on April 1st, 2009, causing your computer to do bad things—but since the worm uses a P2P protocol it’s nearly impossible to identify the source.

What is Conficker worm?

The Conficker worm is a computer worm that can infect your computer and spread itself to other computers across a network automatically, without human interaction.

Conficker is also known across the globe as Kido or Downadup and also has been reported as Win32/Conficker.A, Win32/Conficker.B, Win32/Conficker.C and Win32/Conficker.D so far.

Conficker cropped up in November and exploits vulnerability in Windows that Microsoft patched in October. Conficker.B, detected in February, added the ability to spread through network shares and via removable storage devices, like USB drives, through the AutoRun function in Windows. Conficker.C, shuts down security services, blocks computers from connecting to security Web sites, and downloads a Trojan.

How Does Conficker Spread?

Conficker might spread through file sharing and via removable drives, such as USB drives (also known as thumb drives). Whenever the pen drive is attached to the computer, the AutoPlay dialog box will show one additional option (as shown below).

The option Open folder to view files — Publisher not specified was added by the worm.

What Happenned on April 1, 2009?

Systems infected with the latest version of Conficker will begin to use a new algorithm to determine what domains to contact. It is possible that systems with the latest version of Conficker may be updated with a newer version of Conficker on April 1 by contacting domains on the new domain list.

Protecting PCs from Conficker

1. Apply the security update associated with MS08-067.

2. Make sure that your computer is running an updated and good Anti Virus.

3. Make sure you are using strong passwords (combination of alphabets, numerics and symbols).

No comments:

Post a Comment