I hadn’t realised but the Conficker worm is programmed to go live on April 1st. This malware has already been the source of problems for IT managers but nobody knows what it is really destined to be used for.
Currently it accesses 250 ip addresses from which it can take instructions. On April 1st this is due to rise to 50,000 which makes managing any attack a lot harder. The nature of the attack to come is still unknown.
The good news, and the point of this post, is to update readers on the fact that over the weekend industry security specialists have finally identified how to “fingerprint” Conficker. This means that simple security scanners can be used to detect whether it is on your PC.
Previously it has involved length full virus scans on computers. A process that when multiplied by the number of PCs in an organisation could have been impossibly long and consumed huge amount of IT support effort.
Because April 1st is so close the recommendation is that you check with your security vendor to see whether they have an update and to implement that update asap. Don’t take any risks.
One reply on “Conficker worm update”
some words of wisdom from randy abrams here http://www.eset.com/threat-center/blog/?p=893