Business internet security

Conficker worm update

I hadn’t realised but the Conficker worm is programmed to go live on April 1st.  This malware has already been the source of problems for IT managers but nobody knows what it is really destined to be used for.

Currently it accesses 250 ip addresses from which it can take instructions.  On April 1st this is due to rise to 50,000 which makes managing any attack a lot harder.  The nature of the attack to come is still unknown.

The good news, and the point of this post, is to update readers on the fact that over the weekend industry security specialists have finally identified how to “fingerprint” Conficker.  This means that simple security scanners can be used to detect whether it is on your PC. 

Previously it has involved length full virus scans on computers.  A process that when multiplied by the number of PCs in an organisation could have been impossibly long and consumed huge amount of IT support effort.

Because April 1st is so close the recommendation is that you check with your security vendor to see whether they have an update and to implement that update asap.  Don’t take any risks.

End User internet security

Conficker Virus (also known as downadup)

I picked up the Conficker worm whilst at LINX64 yesterday.  I’m pretty sure I was one of the few Microsoft users in the audience of out and out geeks so I know not whence it came.

My virus checker caught it, or at least told me it was there. This morning I gave my machine a complete set of security updates and it is now clean.

This is not an easy worm to remove. You can use a free tool provided by Symantec at this location. The Microsoft update that patches the vulnerability is at this location.

Business security

$250k reward posted by Microsoft

I see that Microsoft has offered a $250k reward for the arrest and conviction of the authors of the Conficker worm. This is the one that was causing Timico customers issues in the run up to and over the Christmas break.

I did suggest to one of our tech support guys that were he to admit to the offence the rest of us (who would have pocketed the cash) would be eternally grateful. Funnily enough he didn’t think it was a good idea.

I do get images though of a bounty hunter turning up at the Microsoft HQ in Seattle with a guilty looking nerd roped kicking on to the saddle of his horse.