Kellia’s World – Recommended Reading

Challenging the assumptions we live by — Because I want to.

US-CERT Cyber Security Alert SA09-088A — Conficker Worm Targets Microsoft Windows Systems

Posted by kelliasworld on March 30, 2009

National Cyber Alert System

Cyber Security Alert SA09-088A

Conficker Worm Targets Microsoft Windows Systems

Original release date: March 29, 2009
Last revised: —
Source: US-CERT

Systems Affected

* Microsoft Windows

Overview

US-CERT is aware of public reports indicating a widespread
infection of the Conficker worm, which can infect a Microsoft
Windows system from a thumb drive, a network share, or directly
across a network if the host is not patched with MS08-067.

Solution

Install updates

The updates to address these vulnerabilities are available on the
Microsoft Update site. We recommend enabling Automatic Updates.

Description

The presence of a Conficker infection may be detected if a user is
unable to surf to the following websites:

* http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp_link_conficker_worm
* http://www.mcafee.com

If a user is unable to reach either of these websites, a Conficker
infection may be indicated (the most current variant of Conficker
interferes with queries for these sites, preventing a user from
visiting them). If a Conficker infection is suspected, the user
should run the Microsoft Windows Malicious Software Removal Tool
and install updates available from the Microsoft Update site.

References

* Microsoft Windows Malicious Software Removal Tool –

* Microsoft Updates Website –

* US-CERT Technical Cyber Security Alert TA09-088A –

* Virus alert about the Win32/Conficker.B worm –

* The Conficker Worm –

* W32/Conficker.worm –

* Microsoft Automatic Updates –

____________________________________________________________________

The most recent version of this document can be found at:


____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to with “SA09-088A Feedback VU#827267” in
the subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit .
____________________________________________________________________

Produced 2009 by US-CERT, a government organization.

Terms of use:


____________________________________________________________________

Revision History

March 29, 2009: Initial release

Advertisements

6 Responses to “US-CERT Cyber Security Alert SA09-088A — Conficker Worm Targets Microsoft Windows Systems”

  1. trend watch : US-CERT Cyber Security Alert SA09-088A — Conficker Worm Targets ……

    […]Install updates. The updates to address these vulnerabilities are available on the. Microsoft Update site. We recommend enabling Automatic Updates. De[…]…

  2. Conficker.A and Conficker.B can both be removed using free software like F-Secure’s Downadup removal software as well as bdtools which was made just for this. However Conficker.C has to be removed manually still. In just another day a fix will be made for it. You can view the Microsoft site for more information on how to remove this manually.

  3. Joe said

    I’ve heard from multiple sources that the Conficker worm won’t be a threat to Mac users, thank goodness

    • kelliasworld said

      It appears that most, if not all, worms, viruses, etc. hit Microsoft but not MAC. Can you or anyone else reading this explain why that is the case?

  4. now in my rss reader)))
    ————————
    sponsored link: http://xabul.ru/

  5. advandzer said

    great domain name for blog like this)))
    ————————
    my blog: http://ponon.ru/euh389x

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: