|
Warning to Windows Users: Conficker, IMPORTANT!
If you use Windows and do not have it set to automatically update, you need to run security updates TODAY to help avoid any problems with the Conficker worm. To run windows updates, simply open Internet Explorer, go to Tools, Windows Updates and follow all the prompts to update your PC.
Conficker is a worm that has infected over 10,000,000 PCs world wide but it hasn't been doing anything yet except contacting it's "host" for instructions. It is believed that on April 1st (tomorrow), the host will be giving "instructions" to PCs all over the world to do "something" but nobody knows for sure what. There is speculation that it will pull passwords out of cookies for banking sites, there is speculation that all of the PCs will be told to "attack" certain web sites, there is lots of speculation and nobody knows exactly what it will do. Conficker has prevented some people from being able to reach www.mcafee.com and www.symantec.com to update virus scan files or download anti-virus software. Conficker has been infecting PCs through websites, some that we generally "trust" such as Ebay and SouthWest Airlines. It wouldn't hurt to run a full virus scan with updated virus scan files as well, but it primarily exploits a Windows security hole that is fixed with updates from Microsoft. It may bring whole corporations down as it is believed that the majority of PCs affected are actually business PCs where the IT folks do not have Windows Updates running automatically. This is NOT a hoax. http://news.cnet.com/8301-1009_3-10207852-83.html If you've been watching news at all, you've probably heard about this. 60 Minutes did a piece about it on Sunday and all the major news networks have been warning people. Protect yourselves folks! ETA: The blackout of 2003 that affected the whole northeast portion of the US was caused by a similar worm that brought down the PCs that were monitoring our electrical system. I'm not typically an alarmist, but we have become so dependent on computer systems and the internet that a worm like this could do real damage. Hopefully by getting the word out, all problems will be eliminated. |
Quote:
BTW, if you run Vista, you must run Windows Update from the Control Panel. If you try to run Windows Update through IE, you will be told to use Control Panel. |
Is the update new, or was it released earlier? I don't have any new Important updates, so I'm wondering if I already got it.
|
Thanks AGDee! I just updated!
|
They just swept my PC for it at work. I'm glad I have a Mac at home. :D
|
I'm on a Mac, but I've read that if you downloaded the security update for March, you should be OK.
As an extra precaution, I'd run your anti-virus software too. |
Quote:
|
Quote:
|
The patch was originally released in October so if you patch regularly, you should be good :)
Another patch that came out with the March release will help keep a USB drive from getting infected if your PC is already infected. |
Also, Conficker has been transmitting for months, and it's most likely just going to change parameters to start a new set of pop-ups or a DDoS attack . . . you should get checked, but it likely isn't the robot menace 60 Minutes indicated.
|
Quote:
|
Quote:
Plus, why would I listen to what 75 year olds have to say about modern computing technology? I mean, seriously . . . |
The problem is, we really don't know what it's going to do. It may end up being no big deal at all, but better safe than sorry, right? The variants have become more and more complex. It's a pretty fascinating worm for us IT geeks. The theories are that it's likely to go after big corporate systems in search of mass numbers of credit card numbers, social security numbers, etc. for financial gain.
ETA: For all we know, it's going to send out a pop up that says "April Fools!" :) |
Quote:
|
Please note that I'm running scans right now...
Wouldn't it be funny if this is an April Fool's joke on all of us?
|
Quote:
Besides, Russians are already stealing credit card information with more complex worms . . . Quote:
|
The latest version of this worm makes it look like a machine has been patched when a scan is run. One would think that Code Red, Blaster and Sasser would have everybody installing security patches regularly in some automated fashion. Microsoft provides free tools for admins to do this easily. There really is no excuse, yet networks like Southwest Airlines and CBS were infected anyway. It's the kind of thing that IT personnel should lose their jobs over because it's a very basic function of IT security and so easy to implement and FREE to implement as far as software solutions. Approving and applying security patches to all of our systems is simply a routine part of my job (including on our Ubuntu Linux and MAC systems because yes, there are security patches for Linux and MACs too!). While my department has a system down, I can't say that for all the departments in my system.
Another fairly unique attribute of this one is the ability to spread through USB flash drives. There are many that can spread through network drives easily, but generally, unless you transferred an infected file onto a USB drive unknowningly, you wouldn't have gotten a virus through the USB drive. This whole thing has confirmed my decision to get my Masters in IT security. It was like a huge adrenalin rush for me yesterday to double check all of our systems through auditing our security logs to identify which of our systems weren't patched and why (mostly laptops that simply haven't been turned on in in months and months). I believe this is my next niche :) |
A friend of mine posted this on Facebook this morning. He's one of the head IT guys at my alma mater. You can use it to see if your PC's been infected:
http://www.hawaii.edu/its/conficker/ I have a Mac at home, but a crappy PC at work. So far, so good. |
| All times are GMT -4. The time now is 07:45 AM. |
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2025, vBulletin Solutions Inc.