Mainstream media is beginning to sound the alarms about the Conficker-C worm which is believed to be affecting more than 2 million Windows PCs. Conficker spreads by an RPC-DCOM flaw in Windows, as well as by network shares–logging into machines that use weak passwords–and by removable media. There is a trigger in the code to download new instructions on April 1st, 2009. Much like the Mydoom or the Sobig worms of years past, researchers know a date when an update is expected to occur, but don’t know exactly what will happen. And, much like those years past, it is likely that not much will occur.

Microsoft along with other security researchers created the Conficker Cabal which has put a $250,000.00 bounty out for information leading to the arrest and convication of those responsible for this particular bit of malware.  F-Secure has a good Frequently Asked Questions list about Conficker and the April 1st trigger.

Bottom line: make sure your system is clean, preferably before April 1st.  Lots of companies have free testing and cleaning tools. Clean your system, and you’ll have almost nothing to worry about on April 1st.

Tags: conficker

This entry was posted on Thursday, March 26th, 2009 at 3:13 pm by Peter Hesse and is filed under hacking, software. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.