Conflicker – I mean, seriously

2009 April 2
by Andy

If you don’t already know, conflicker is a worm that exploits a buffer overflow in the windows server service.  The worm is wiley – there are several hundred variants and it is difficult to know how widespread it is.  You can find more info on the Wiki or on the McAfee discussions.

The panic over this and other worms like it makes me mental.  Don’t get me wrong, these things can cause all kinds of havok not only in terms of potential identity theft, but also tons of lost hours to clean infected machines.  But if you pay just a little attention to security you’ve been innoculated against this and other threats like it for months.  Way back in October 2008 Microsoft released patch MS08-067 to close the security hole that conflicker exploits.  This was an out of band update, meaning Microsoft released the patch outside of the normal monthly patch release because it thought the release was critical.  I know that at my firm, we took this very seriously and had every node patched within two weeks, then made the patch “autofix” meaning that any node that connected to the network would get the patch automatically.

Getting rid of this worm is a pain in the ass if you have it, but protecting yourself from the exploit, which effectively makes the thing benign, is really easy.  Run Windows Update!  If you are infected, there are lots of resources to get rid of it.  Most decent anti-virus programs will get rid of it – McAfee, Norton, AVG, etc.  Google conlicker and you will get tons of help.

I hate the way the media jumps on these things and makes people panic for no good reason.  When did the news become just fear-mongering?  And what good does that do for anyone?  I suppose rasing awareness of malware is ultimately a good thing, but do they have to make it seem like the world is coming to an end?

Patch your system and you are fine.

Add to Del.cio.us RSS Feed Add to Technorati Favorites Stumble It! Digg It!
    www.sajithmr.com

Blog Traffic Exchange Related Posts
  • SVCHOST.exe - What is it and why are there so many of them? I get asked this a lot.  When you run Task Manager in XP and look at the process list, you see tons of svchost.exe processes running.  You can't kill them (you don't really want to) and there's no obvious reason that there are so many of them. What are they? ......
  • WEP vs WPA Another question I get asked a lot is on Wireless security.  People get very confused by the security options out there, and the industry doesn't help by adding acronym after acronym.  So what do you do?  The answer is fairly simple - secure your network with WPA!! There are lots......
  • Outlook Secure Temporary File Folder Symptom - can't open attachments to emails. This is one of the things about Micrsoft that will eventually push me over the edge. A few months back, my CFO called me in to his office saying he couldn't open attachments from an email in Excel.  I poked around a bit,......
  • Growl for Windows Growl v2.0 beta 18 was recently released for Windows - should you care?  If you are like most people, it is getting harder and harder to keep up with everything happening around you on the web.  Twitter, facebook, email, calendar, IM - the draws on your attention are almost overwhelming. ......
  • Dual core processors for mobile devices? ARM dual core chips for iPhone, Palm Pre next year CNET is reporting that ARM, the company responsible for designing the architecture behind most mobile comuting CPU's said  that mobile phone makers will be delivering devices that run on ARM"s latest dual core CPU's as early as next year. They are referring to the ARM Cortex-A9 MPCore application processor.  According......
Blog Traffic Exchange Related Websites
  • Let’s Cheer Ourselves Up - Again! There’s always some kind of problem that is going to have dire consequences somewhere in the world. All sorts of things seem to happen around the globe which, taken over seriously, could make anyone despondent. Of course potential and known problems have to be taken seriously but a lot......
  • New Google Operating System Confirmed There have long been rumors of a Google Operating system. Last night those rumors were finally laid to rest with the announcement that a new Google operating system is in the works. If you ask me, the Google Chrome OS will really be nothing more than a Linux distribution. It......
  • What is Patch Tuesday? Excellent explanation of Patch Tuesday by TMI Engineering Patch Tuesday is the second Tuesday of each month, the day on which Microsoft releases security patches. Starting with Windows 98, Microsoft included a "Windows Update" system, that would check for patches to Windows and its components which Microsoft would release intermittently. With......
  • Window Glazing Repairs If you're not ready to sink money into replacement windows but your windows are drafty and in poor shape, you can make simple window glazing repairs yourself. Also known as reglazing, this is simply the removal of the old glazing (the putty around the panes of glass) and application of......
  • Washing Windows 101 Washing windows is one of those household chores that no really looks forward to. But cleaned windows can really give the appearance of your home, both inside and out, a boost. If you've been spraying window cleaner and rubbing away with paper towels, or hosing off those upper floor windows,......

from → Security, Windows

No comments yet

Leave a Reply

Note: You can use basic XHTML in your comments. Your email address will never be published.

Subscribe to this comment feed via RSS