Conficker – I mean, seriously

2009 April 2
by Andy

If you don’t already know, Conficker is a worm that exploits a buffer overflow in the Windows Server service. The worm is wily – there are several hundred variants and it is difficult to know how widespread it is. You can find more info on the Wiki or on the McAfee discussions.

The panic over this and other worms like it makes me mental. Don’t get me wrong, these things can cause all kinds of havoc, not only in terms of potential identity theft, but also tons of lost hours to clean infected machines. But if you pay just a little attention to security you’ve been inoculated against this and other threats like it for months. Way back in October 2008 Microsoft released patch MS08-067 to close the security hole that Conficker exploits. This was an out-of-band update, meaning Microsoft released the patch outside of the normal monthly patch release because it thought the release was critical. I know that at my firm, we took this very seriously and had every node patched within two weeks, then made the patch “autofix”, meaning that any node that connected to the network would get the patch automatically.

Getting rid of this worm is a pain in the ass if you have it, but protecting yourself from the exploit, which effectively makes the thing benign, is really easy. Run Windows Update! If you are infected, there are lots of resources to get rid of it. Most decent anti-virus programs will get rid of it – McAfee, Norton, AVG, etc. Google Conficker and you will get tons of help.

I hate the way the media jumps on these things and makes people panic for no good reason. When did the news become just fear-mongering? And what good does that do for anyone? I suppose raising awareness of malware is ultimately a good thing, but do they have to make it seem like the world is coming to an end?

Patch your system and you are fine.
