New Conficker B++ Worm Discovered, More Stealth
A new variant of the Conficker/Downadup worm has been detected. The worm opens a backdoor on an infected machine and allows hackers remote control of infected PCs.
Dubbed Conficker B++ (and not to be confused with Conficker B), the new variant of the worm opens a backdoor with auto-update functionality, allowing a hacker to distribute malware to infected machines.
It's difficult to know exactly how long Conficker B++ has been circulating, but researchers first noticed it on February 6 of this year. (Source: pcadvisor.co.uk)
10.5 Million Computers Infected
Machines infected by the Conficker/Downadup worm can be used to send spam, to log keystrokes or to launch denial of service (DoS) attacks, but reports suggest that for the most part, that has not been happening.
The worm spreads by exploiting a dangerous Windows bug to attack computers on a local area network and by USB devices. According to SRI International research, about 10.5 million computers have been infected with variants of Conficker. (Source: pcadvisor.co.uk)
The Technical Analysis
Conficker B++ is no longer limited to re-infection by similarly structured DLL files, but can now be pushed in new self-contained Win32 (executable) applications. These executables can infiltrate the host using methods that are not detected by the latest anti-Conficker security applications. (Source: mtc.sri.com)
Under Conficker B++, two new paths to binary validation and execution have been introduced to Conficker drones, both of which bypass the use of Internet rendezvous points, increasing the flexibility of the direct flash mechanisms which offer the ability to load digitally-signed Win32 executables directly to a Conficker host.
Microsoft Security Bulletin MS08-067 Patches Flaw
The Conficker/Downadup worm has been able to proliferate widely because many PC users have not applied the patch supplied by Microsoft. Security Bulletin MS08-067 from Microsoft patches the Windows flaw. Information that will help you find out if your computer is infected and how to fix it is available from Microsoft. (Source: microsoft.com)
Detailed information on all variants of the Conficker/Downadup worm can be found from SRI International Research.
Visit Bill's Links and More for more great tips, just like this one!
Free eBook: The Windows 7 Guide: From Newbies to Pros. In this 46 page guide you will be introduced to Windows 7 and what it has to offer. It will teach you about the new taskbar, how to resolve software compatibility issues, how to customize Windows Aero, and explain what the Windows 7 Libraries are all about. Also included: a detailed list of what software is included in Windows 7, and how easy networking is with Windows 7 along with other topics. The advice within this guide will help new users become acquainted with Windows 7 and can also help those who are on the fence about purchasing Windows 7 decide if it would be a good idea. Click here to download this eBook now! Note: this eBook is free, but registration is required; after that, you can select more ebooks and videos for download without registering again. If you have questions / problems with the registration form, please read this.