UK’s daily The Register has been reporting (here) that 3 out of 10 computers running Windows are facing ConfickerWorm attacks. According to Wikipedia, it uses flaws in Windows software and Dictionary attacks on administrator passwords to co-opt machines and link them into a virtual computer that can be commanded remotely by its authors.
Conficker vhas since spread rapidly into what is now believed to be the largest computer worm infection since the 2003 SQL Slammer, with more than seven million government, business and home computers in over 200 countries now under its control.
The worm has been unusually difficult to counter because of its combined use of many advanced malware techniques.
Two variants of Conficker affected computers connected to the global networks. During early November 2008, Conficker was launched and propagated via Internet exploiting a vulnerability in a network service (MS08-067) on various Windows versions: Windows 2000, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008 including Windows Server 2008 R2 Beta.
In response to this, Microsoft released an emergency out-of-band patch on October 23, 2008 to close this vulnerability in Windows 7 (public beta). Despite all these, a large number of Windows PCs estimated to be around at 30% continued to remain unpatched as late as January 2009.
The second variant of the Confiker worm was discovered on December 2008. It added the ability to propagate over LANs through removable media and network shares allowing the worm to propagate quickly and by January 2009, the estimated number of infected computers ranged from almost 9 million to 15 million.
According to Antivirus software vendor Panda Security, 2 million computers analyzed through ActiveScan reports around 115,000 (6%) were infected with Conficker .The worm continues to change in its propagation activity and update strategy of recent variants. This how-to focuses on removing the Conficker Worm as well as the relation between Conflicker and fake Antivirus protection software.
Source:- techmagnews.com