Tuesday, March 31, 2009

Preparing for Conficker.c

Today’s the last day to make sure your computers are protected from a worm program that will impact many Windows PCs around the globe tomorrow, April 1st. The worm is called Conficker.c, and we don’t really know exactly what it will do.

Here’s an excerpt from CNN:
Remember the dire predictions surrounding the "millennium bug?" The doom-and-gloom scenarios bandied about by security analysts on how computers could act when their clocks turned to January 1, 2000?

Well, researchers are hoping that a potential April Fool's time bomb -- the Conficker.c that is supposed to hit computers on April 1 -- turns out to be equally unfounded.

But realizing that hope alone is not a prudent option, here is a primer on the worm so you can adequately prepare yourself -- and your computer.

What is Conficker.c and what do analysts fear it may do?
Conficker.c is a worm, a malicious program thought to have already infected between 5 million and 10 million computers.

Those infections haven't spawned many symptoms, but on April 1 a master computer is scheduled to gain control of these zombie machines, said Don DeBolt, director of threat research for CA, a New York-based IT and software company.
Here’s a link to the Microsoft security bulletin: http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx .

What should you do? First, know that this worm only affects Windows systems. Then, take the following steps:
  1. Make sure your PC’s virus program’s definitions are up to date.
  2. Make sure your Windows operating systems are currently patched, especially including patch MS08-067 (KB958644). If you participate in our WSUS patch management service, you can look at your WSUS server and tell which computers don’t have this patch. If you don’t participate in our WSUS patch management service, you should check every Windows PC and server. You can check by going to the Control Panel and clicking Add/Remove Programs. Click the box that says Show Updates, and look for patch KB958644 under operating system software updates.
  3. Scan your PCs and servers to make sure they’re not already affected.

1 comment:

Art said...

If you're using XP, upgrade to SP3 and you won't have an issue.