"The Conficker worm will be active again on 1 April, according to an analysis of its most recent variant, Conficker.C, by the net security firm CA.
This malicious piece of software, also known as Downup, Downadup and Kido, spreads among computers running most variants of the Windows operating system and turns them into nodes on a multi-million member "botnet" of zombie computers that can be controlled remotely by the worm's as yet unidentified authors.
Since it first appeared in October 2008 it has apparently infected more than 15 million computers around the internet, though even that number is no more than an educated guess because the worm works very hard to disguise its presence on a PC.
The worm turns
Conficker spreads through a security vulnerability in the Windows Server Service that allows a carefully written program to persuade the attacked computer to run malicious code instead of the Microsoft-written software.
Once installed it turns off Windows Automatic Update and stops you using the Windows Security Centre. It disables a range of internal services that could be used by anti-malware programs, blocks access to a number of anti-virus websites and even resets and deletes system restore points so you can't go back to an uninfected installation of your operating system.
And at some point it connects to a remote site to download additional malware and register itself as part of the botnet. The analysis of the latest version indicates that this will next happen on April 1st, and the day maybe a bad one because the way it does this has changed in the latest version of the worm, making it significantly harder to stop.
Previous Conficker infections were controlled to some extent because security researchers were able to determine which servers the worm was going to try to contact and block access to them before it did so. But the C variant has a much larger pool of potential domains to choose from, as it selects 500 target servers from a pool of 50,000 while previous versions chose 32 from 250.
As a result the ad hoc group of security researchers who have been working to limit the botnet's use, the Conficker Cabal, will have a much harder time ensuring that infected systems do not make the connection to the remote service that may allow them to be used to send spam e-mail, log user keystrokes or launch denial of service attacks on other computers.
We will have to wait until April to see how effective efforts at controlling Conficker are, but the analysis that has been done to date shows that it is a particularly well-designed program, one that will be hard to beat.
Courtesy/Source: http://news.bbc.co.uk/2/hi/technology/7946574.stm
Freinds , Collegues let's updates and patch our Windows Servers , systems ,pcs, etc............
Kindly Update all your systems with Microsoft Patches & updates...........
Critical Security update from Microsoft available kindly update it ASAP..........
More Info from Microsoft:-
http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment