- How to make new stuff from your piles of obsolete tech
- Why your computer sucks
- 10 recession-proof IT skills
- Juniper execs share network vision
- 9-year-old plots his fifth Microsoft certification
There's some serious FUD out there right now about what the Conficker worm will do on April 1. But according to those in the know, you probably don't have to worry.
Conficker.C variant set for April 1st surprise, CA says
A search is launched for Conficker's first victim
According to Joe Stewart, a security researcher at SecureWorks who knows what's what when it comes to malware, "there will be no April 1st outbreak." Clean PCs won't suddenly melt down from a new Conficker infection. All that will happen, Stewart writes, is that the worm will begin to use a new trick that gives it a better chance of getting around existing defenses that attempt to prevent it from updating. The ability has been around since a new Conficker variant came out earlier this month, but it won't activate until April 1st, Stewart says.
Put another way, if you're not infected on April 1st, nothing will happen to you. If you are infected with Conficker, it will attempt to update itself. That update could theoretically contain instructions to do something drastic, like wiping out a hard drive, but that's pretty unlikely. Conficker's creators stand to gain nothing by such a destructive act, and malware these days is all about gain.
And there's a relatively simple check to see if you're infected with Conficker: Point your browser towards f-secure.com, secureworks.com, microsoft.com or other security sites. If you get a "page cannot be displayed" error for all the sites, there's a good chance they're blocked by Conficker or similar malware on your PC.
If that happens to you, you'd also be blocked from normally downloading free Conficker removal tools. But you can get around the malware blocks by using a Web proxy or alternate download links, according to Stewart. Here are some links:
Microsoft Malicious Software Removal Tool: http://mscom-dlcecn.vo.llnwd.net/download/4/A/A/4AA524C6- 239D-47FF-860B-5B397199CBF8/windows-kb890830-v2.6.exe
F-Secure removal utility ftp://193.110.109.53/anti-virus/tools/beta/f-downadup.zip
McAfee's removal tool http://67.97.80.71/vil/conficker_stinger/Stinger_Coficker.exe
- McAfee just released this Stinger build today, and says it will update it on a daily basis to include new Conficker variants.
Rss FeedRss Feed
The Leader in Network Knowledge
Comments (3)
Thank goodness, cooler heads prevailBy Anonymous on March 30, 2009, 11:42 amWhile I do think some "alerting" is needed to tell folks once again to patch their systems and keep Antivirus up to date, this is a serious red herring. Those that...
Reply | Read entire comment
Re: April Fool's Conficker Threat is Likely Hype By Anonymous on March 30, 2009, 7:16 pmWhat do they possibly gain from using viruses? Nothing, but they still do it. Just because there's no prize for what you do doesn't mean you don't to do it. They...
Reply | Read entire comment
Fake Fake Fake!By Anonymous on March 30, 2009, 9:01 pmFake,Fake,Fake,Shame On Security Expest,It Is Hoax!
Reply | Read entire comment
View all comments