Conficker arrives

Today one of the Downadup worm variant will start causing a lot of  noise in some computers and networks that 

don't have a proper security policy based on a good antivirus, patch management policy and network security. 

This new variant is known as Conficker.C.  

So please read the following recommendations.  

How does the worm infect a computer? 

The Conficker.C worm tries to take advantage of a problem with Windows (a vulnerability) called MS08-067 to quietly 

install itself. Users who automatically receive updates from Microsoft are already protected from this. 

The worm also tries to spread by copying itself into shared folders on networks and by infecting USB devices such as 

memory sticks. 

What to do: 

1. Run a good security suite.  

2. Keep your computer updated with the latest patches..  

3. Turn off the “autorun” feature that will automatically run programs  found on memory sticks and other USB devices.  

4. Be smart with your passwords. 

5. For your customers as a safety precaution, you will need to block network perimeter access to any ports used 

by the threat

—in this case ports 139, 4152 and 445 TCP.  

What not to do: 

Don’t use “free” security scans that pop up on many websites. All too often these are fake, using scare tactics to 

try to get you to purchase their “full” service. In many cases these are actually infecting you while they run. 

There is reason to believe that the creators of the Conficker worm are associated with some of these 

fake security products.

Be careful!