The security flaw that this worm uses to propagate itself was discovered back in October 2008. Microsoft issued a “patch” in order to fix this system issue the last week of October as well. It was considered an “out of cycle” or “emergency” update for the Windows operating system due to the danger of the security exploit, which includes allowing the worm to execute code on your computer. Affected systems include: Windows XP, Windows 2000, Windows Server 2003/2008 and Windows Vista (all Vista versions).
We even blogged about this back in December. Clearly, it is still an issue.
The resurgence of the “Downadup/Conficker” worm infections most likely can be attributed to machines connected to the Internet that have not been properly updated with the latest Microsoft Windows updates. This worm, according to anti-virus engineers, can also download other files to a compromised computer using the security hole the update is intended to fix, and can affect your network performance.
As Microsoft classifies this update as “critical,” we strongly urge you to make sure your computer has been fully updated.
If your automatic updates are turned on, you should be all set. (Check by going to Start –> Control Panel – Automatic Updates/Windows updates)
If you are not sure, you may visit Microsoft’s Web site here and manually download the patch for your flavor of Microsoft Windows. Should you have any confusion as to which version you have, check with your local computer consultant for assistance.
Another step you can take to help protect yourself from this and other Internet baddies is to make sure you have an up-to-date anti-virus program, anti-spyware program, and some sort of firewall enabled as well. Avoiding opening email attachments from strangers help too.
In addition, be wary of any random popup that insists you are infected with a virus, and offers to sell you software to get rid of it. In fact, if you see such a popup, run the other way: it’s a false anti-virus package in disguise, and chances are pretty good it has infected your system. Giving them your credit card number is an easy way to become a victim of identity theft.
For further safety of mind, check out Microsoft’s Malicious Software Removal Tool here. Run it and see if it finds anything on your computer. This tool is only intended to compliment a mainstream anti-virus program, not act as a replacement.
The above steps can help ensure your computer doesn’t become a “zombie” host to an unwelcome Internet visitor. Keep your computer from joining the electronic undead, by thinking safe, and keeping it updated.