Hi all!
its been getting more widespread converage, but the Conflicker C. worm (linkie) (http://en.wikipedia.org/wiki/Conficker) is set to activate on April 1st. its a fairly nasty virus, so please take the time to check your PC's and especially your servers.
http://forums.mcafeehelp.com/showthread.php?t=225901
http://www.pcworld.com/article/157876/protecting_against_the_rampant_conficker_worm.html
please ask if you have any questions :)
So exactly do we protect against this, the articles say of a MS update, my update history only shows updates this year? I have no updates that need to be installed at the moment, so do I assume I have the update? And is there some tool that will tell you if you are infected?
Jonathan
Jus to make sure I went and found the link on the Wiki to Microsoft here (http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx) for the download of the patch
Quote from: Warrior on March 30, 2009, 11:05:52 AM
So exactly do we protect against this, the articles say of a MS update, my update history only shows updates this year? I have no updates that need to be installed at the moment, so do I assume I have the update? And is there some tool that will tell you if you are infected?
Jonathan
vista? the security rollouts are different from kernel to kernel.....vista, 7, and 2008 are all using a similar kernel which needs a patch. XP, 2000, 2003 all use another update. your old updates may be gone due to a service pack update, but i'd physically search your hard drive for the $NTUninstallation folder for the appropriate patch to ensure it was done.
download March 09 Malicious software removal tool and malwarebytes. also, disable autorun feature in the registry (there's a tech bulletin on how to accomplish this).
bdtools.net had a removal tool for Conflicker, but i tried to download it today and caught the PAK Generic.001......so looks like someone hacked the domain to infect the only existing tool to remove this beast.