
ALERT: DOWNADUP / CONFICKER virus may hit on April 1: Removal guidelines

Submitted by DA on Monday, 30 March 2009


Microsoft recommendations & procedures:

Win32/Conficker is a worm that infects other computers across a network by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE). If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is enabled. Depending on the specific variant, it may also spread via removable drives and by exploiting weak passwords. It disables several important system services and security products and downloads arbitrary files.

Microsoft strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.

For more information please check this link: http://www.microsoft.com/security/portal/Entry.aspx?Name=Win32/Conficker

Symantec recommendations & procedures:

Symantec Security Response Centers (http://www.symantec.com/security_response/) is researching a new variant of the Downadup worm, which might be set to activate on April 1st. As the Downadup worm exploits the vulnerability addressed by MS08-067, we still stand by the same recommendation:

  • Symantec strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.
  • Symantec also recommends that users ensure that their network passwords are strong to prevent this worm from spreading via weak administrator passwords. More information is available here.
  • Please be sure that you run the latest version of SEP 11 and install all SEP features, not only Antivirus/Antispyware: http://www.symantec.com/business/endpoint-protection

You can find more information about this worm at:

http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the_downadup_codex_ed1.pdf

http://www.symantec.com/security_response/writeup.jsp?docid=2008-112203-2408-99&tabid=1

Symantec will continue to monitor the situation and will post updates when necessary.

ESET Removal Procedure

Users whose computers are not configured to receive patches and updates from Microsoft and who are not running an up-to-date antivirus product are most at risk. Users who do not have a genuine version of Windows from Microsoft are most at risk, since pirated systems usually cannot get Microsoft updates and patches.

Please follow this link for the removal procedure recommended by ESET: http://www.eset.com/threat-center/blog/?p=865
