Reports on the new variant of the Conficker worm, Conficker B++, come with a lot of tech jargon. We’ll skip it.
We previously reported on the miseries of the Conficker worm, AKA W32.Downadup.B: think locking you out of system directories, blocking access to security software and updates, and deleting any system restore points in your computer.
Ouch.
Conficker spread fast earlier this year; at one point Conficker infected over 6 million PCs within four days. Conficker generated random domain names to download more malware from, which delayed efforts to stop it. Lucky for us, techies cracked the Conficker code, discovered how the worm generated those domains, and blocked access to them for most computer users.
Hold that “phew”: now Conficker B++ uses fresh, stealthier techniques. The SRI Report says that Conficker B++ bypasses the use of Internet Rendezvous Points, using a DLL patch and pipe backdoor to execute its code.
So how do you prevent Conficker B++? The Microsoft patch is critical in fighting Conficker B++. Microsoft’s corporate-friendly language hardly expresses the pain Conficker B++ could mean to you—don’t let understated sentences like “Vulnerability in Server Service Could Allow Remote Code Execution” have you delay these updates. Windows XP and earlier systems are especially vulnerable—if you haven’t already, set your computer to automatically update.
Conficker also exploits commonly used passwords. If you use any of the weak passwords that Conficker exploits, even only for low-value sites, make sure you change them.
Yeah, we’re referring to “sdrowssap”.
Guest Writer: This is a guest post by Kristopher Dukes of FasterPCCleanClean.com – an invaluable asset in the battle against malware. Pay a visit to FasterPCCleanClean.com, and I’m convinced you’ll become a regular visitor.
The content of this article is copyright 2009 © by Dukes Media, LLC. All rights reserved.