Worm:Win32/Conficker.B (?)

Discussion in 'Submit Normal Help Requests' started by KevinL, Jan 3, 2013.

  1. KevinL Administrator

    Encyclopedia entry
    Updated: Jul 14, 2011 | Published: Dec 30, 2008

    Aliases
    TA08-297A (other)
    CVE-2008-4250 (other)
    VU827267 (other)
    Win32/Conficker.A (CA)
    Mal/Conficker-A (Sophos)
    Trojan.Win32.Agent.bccs (Kaspersky)
    W32.Downadup.B (Symantec)
    Confickr (other)

    Alert Level (?)
    Severe

    Antimalware protection details
    Microsoft recommends that you download the latest definitions to get protected.
    Detection last updated:
    Definition: 1.137.1552.0
    Released: Oct 11, 2012Detection initially created:
    Definition: 1.49.1183.0
    Released: Dec 30, 2008



    Summary
    Worm:Win32/Conficker.B is a worm that infects other computers across a network by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE). If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is enabled. It may also spread via removable drives and weak administrator passwords. It disables several important system services and security products.

    Microsoft strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.

    Microsoft also recommends that users ensure that their network passwords are strong to prevent this worm from spreading via weak administrator passwords. More information is available here.

    Microsoft also recommends that users apply an update that changes the AutoPlay functionality in Windows to prevent this worm from spreading via USB drives. More information is available in the Microsoft Knowledgebase Article KB971029 .

Share This Page