Posts

Showing posts from January, 2009

Win32/Conficker.B/Downadup infections

Reports of a new worm Conficker, Kido or Downadup are doing the rounds. Win32/Conficker.B exploits a vulnerability in the Windows Server service (SVCHOST.EXE) for Windows 2000, Windows XP, Windows Vista, Windows Server 2003, and Windows 2008. Attacked systems may lock out users, disable our update services and block access to security-related Web sites. Microsoft addressed this issue in October with Microsoft Security Bulletin MS08-067 , and Forefront antivirus and OneCare (as well as other vendor’s anit-virus products) helped protect against infections, many systems that have not been patched manually through Server Update Services and Microsoft/Windows Update or through Automatic Updates have recently come under attack by this worm. The systems which have already applied the out-of-band released MS08-067 in October 2008 are protected, unpatched system user have experienced system lockout and other problems. However, given the present spread, Microsoft has taken the following a