What You Need to Know About Conficker

If you're not familiar with it yet, then you had best continue reading. The Conficker, also known as Downup, Downadup and Kido, is a computer worm that surfaced in October 2008 and targets the Microsoft Windows operating system.

On Wednesday, April 1, the latest variant of the Conficker downloaded new instructions. The sophistication of this worm and its botnet had many concerned, though apparently the amount of legitimate concern is a matter of debate. If, however, you are concerned, then here are some things you should know:

1. The overwhelming majority of systems infected with Conficker were infected due to vulnerability in the Windows RPC facilities. This vulnerability, however, was patched in October. If you happened to install that patch before Conficker was released (late December '08) then you were protected and still are. If you have not installed the update yet, it's essential that you do so.
2. Conficker can easily spread through network shares, including those that have weak passwords; the worm executes what is called a "dictionary attack" in which a list of common passwords (think "password", "asdf", etc.) are used to gain access to the share. An obvious deterrent for this kind of infiltration is using complex passwords, especially those that use numerals, letters and perhaps even punctuation.
3. Conficker can also spread by putting itself on removable drives like USB drives, and when it does; it sets the Autorun on those drives in order to run itself. So if you insert such a drive you could, at the very least, get a standard Windows Autoplay menu offering Conficker among its options. Sometimes it will disguise itself as the Windows option for opening Windows Explorer for the inserted drive. A good anti-malware program will detect it at this stage.
4. Anti-malware software might not be perfect, but it does have a very high rate of success. Conficker is about as high-profile as malware gets; all the companies have it and understand it well, and so if you have anti-virus software and keep it up to date it's hard for you to get attacked. Be sure to check the last date/time of your anti-malware software update, though, as Conficker can interfere with the ability of Windows and anti-malware programs to update themselves.
5. Download Free Conficker Removal Tool to Remove Conficker.