Conficker worm detected
| conficker-worm (48995) |  High Risk |
Description:
The Conficker worm is a network worm that targets network endpoints. Conficker builds a bot framework that might be used for spam or stealing confidential information from endpoints. Complete compromise may lead to exposure of confidential information, loss of productivity, and further network compromise.
This network worm spreads by one or more of the following mechanisms:
- Exploiting the Windows Server Service Vulnerability (MS08-067)
- Dropping a copy of itself into network and removable drives
- Dropping a copy of itself in network shares with weak passwords
Consequences:
Informational
Remedy:
Use an up-to-date antivirus application to determine if the target computer is host to the Conficker worm. If the application detects a backdoor, follow its instructions to disinfect and repair the computer.
References:
- IBM Internet Security Systems Protection Alert January 22, 2009: Conficker Worm.
Platforms Affected:
- Microsoft Windows 2000 SP4
- Microsoft Windows 2003 Server
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows Me
- Microsoft Windows NT
- Microsoft Windows Server 2008
- Microsoft Windows Vista
- Microsoft Windows XP
Reported:
Not available
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net