Conflicker – I mean, seriously

2009 April 2
by Andy

If you don’t already know, conflicker is a worm that exploits a buffer overflow in the windows server service.  The worm is wiley – there are several hundred variants and it is difficult to know how widespread it is.  You can find more info on the Wiki or on the McAfee discussions.

The panic over this and other worms like it makes me mental.  Don’t get me wrong, these things can cause all kinds of havok not only in terms of potential identity theft, but also tons of lost hours to clean infected machines.  But if you pay just a little attention to security you’ve been innoculated against this and other threats like it for months.  Way back in October 2008 Microsoft released patch MS08-067 to close the security hole that conflicker exploits.  This was an out of band update, meaning Microsoft released the patch outside of the normal monthly patch release because it thought the release was critical.  I know that at my firm, we took this very seriously and had every node patched within two weeks, then made the patch “autofix” meaning that any node that connected to the network would get the patch automatically.

Getting rid of this worm is a pain in the ass if you have it, but protecting yourself from the exploit, which effectively makes the thing benign, is really easy.  Run Windows Update!  If you are infected, there are lots of resources to get rid of it.  Most decent anti-virus programs will get rid of it – McAfee, Norton, AVG, etc.  Google conlicker and you will get tons of help.

I hate the way the media jumps on these things and makes people panic for no good reason.  When did the news become just fear-mongering?  And what good does that do for anyone?  I suppose rasing awareness of malware is ultimately a good thing, but do they have to make it seem like the world is coming to an end?

Patch your system and you are fine.

Add to Del.cio.us RSS Feed Add to Technorati Favorites Stumble It! Digg It!
    www.sajithmr.com

Blog Traffic Exchange Related Posts
  • SVCHOST.exe - What is it and why are there so many of them? I get asked this a lot.  When you run Task Manager in XP and look at the process list, you see tons of svchost.exe processes running.  You can't kill them (you don't really want to) and there's no obvious reason that there are so many of them. What are they? ......
  • Windows 7 - First impressions So far so good - I installed the beta on a couple of laptops in the last month, and so far I like what I see.  It's very much Vista centric, but without the sllllloooooowwwwwness.  Boot time is much improved (under a minute) and there are some added features that......
  • Growl for Windows Growl v2.0 beta 18 was recently released for Windows - should you care?  If you are like most people, it is getting harder and harder to keep up with everything happening around you on the web.  Twitter, facebook, email, calendar, IM - the draws on your attention are almost overwhelming. ......
  • The Nickname Cache in Outlook - Get to Know your .NK2 file Have you ever wondered where Outlook stores data it uses to auto-complete email addresses when you are typing in the To or Cc field?  Microsoft stores this data in a file with the extension .NK2.  The file is stored in each user's profile in drive:\Documents and Settings\user name\Application Data\Microsoft\Outlook.  Note......
  • Gmail Calendar and Contacts Sync to Outlook You would think this would be easy, right?  Well it is.  Sort of. Google in their infinite wisdom provides an application to sync your Google Calendar to Outlook, but not your contacts.  I hope this on the way, but for now you need to use a third party app to......
Blog Traffic Exchange Related Websites
  • How To Save $100-$1,000 By Troubleshooting Your Faulty Computer “Oh, wow. Looks like it’s completely dead! At this point, it’s not even worth saving. You might as well just buy a new computer.” “Really, we can’t just fix it? It’s only 2 years old!” Have you ever had that conversation before? It’s pretty common at retail establishments like Best......
  • Home Network Security [/caption] Home Computer security 1. What is computer security? Computer security is the process of preventing and detecting unauthorized use of your computer. Prevention measures help you to stop unauthorized users (also known as "intruders") from accessing any part of your computer system. Detection helps you to determine whether or......
  • German Government: Stop Using Internet Explorer [/caption] In a statement issued today, the German Federal Office for Security in Information Technology (known as BSI) recommends that all Internet Explorer users switch to an alternative browser. They may resume using Explorer after a fix is issued by Microsoft for a critical vulnerability that has been implicated in......
  • Add Window Security Bars to Secure Your Home Windows There are many reasons that people turn to window security bars but in the end it all comes down to one thing-increasing the safety of their property, be it in the home or for business. Some reasons for using them may appear obvious but others may not be so self......
  • Window Glazing Repairs If you're not ready to sink money into replacement windows but your windows are drafty and in poor shape, you can make simple window glazing repairs yourself. Also known as reglazing, this is simply the removal of the old glazing (the putty around the panes of glass) and application of......

from → Security, Windows

No comments yet

Leave a Reply

Note: You can use basic XHTML in your comments. Your email address will never be published.

Subscribe to this comment feed via RSS

Powered by Zingiri, MyBB