F-Secure recently issued an alert about that an outbreak of the W32/Conficker.worm (a more common name of the worm is “Downadup” worm) is wrecking havoc to a number of computers. A number of computers could probably means from 2 computers to a million or more. Since units infected by the worm will not show any signs of problem.
The worm exploits the MS08-067 vulnerability that was posted by MS last October 23, 2008. This hole could allow remote code execution.
To avoid being infected, you may want to do the following.
- As with any security vulnerability, make sure that you have the latest patch, updates and version for your software, including OS , Browser, anti-virus and anti-spyware programs.
- Make sure that your passwords or domain passwords are strong, don’t just use alphanumeric, also use special characters.
- Then disable the Autoplay of Audio CDs and USB Drives.
To disable Autoplay of Audio CDs and USB Drives, please follow these steps below:
Go to Start Menu \ Run and type in: gpedit.msc. On the Group Policy window, select Administrative Templates then System.
On the right pane, double click on “Turn off Autoplay”,
Since there are a number of ways the worm spreads itself, in the event that you got infected here’s a quick list on what you can do.
1. Check with your anti-virus vendor for cleaning and disinfection steps.
Mcafee | Norton | TrendMicro | Panda Security
2. When cleaning or disinfecting the virus, you may need to shutdown your network to avoid future infection.
3. You refrain using any USB drives that were connected to any suspected computer, you
For more reading about this issue, refer to the links below:
- Microsoft Security Bulletin MS08-067 – Critical
- F-Secure Warns About a Worm Affecting Corporate Networks
Last modified: January 22, 2009