'Huge increase' in worm attacks plague unpatched Windows PCs
A computer worm that exploits a Windows bug Microsoft Corp. patched more than two months ago continues to wreak havoc, a security company said Monday, as it boosted its overall threat ranking and warned users to patch their PCs.
"We've seen a huge increase in the number of [malware] samples, as well as infections," said Ryan Sherstobitoff, chief corporate evangelist at Panda Security, referring to the "Conficker.c" worm.
In response, Panda upped its Global ThreatWatch to "orange" status, a move that means the company believes users face "an important danger."
The worm, which was first reported by Panda and other security companies on Dec. 31, 2008, exploits a vulnerability in the Windows Server service that's part of all currently supported versions of Microsoft's operating system, including Windows 2000, XP, Vista, Server 2003 and Server 2008.
Microsoft issued an emergency patch Oct. 23 to fix the flaw with one of its rare "out of cycle" updates.
Conficker.c, said Sherstobitoff, pings machines with malformed RPC (remote procedure call) packets in the hope of finding PCs not yet patched with the October update. The worm can also spread via brute-force attacks against systems' usernames and passwords, and from an infected PC to a USB-based device, such as a flash drive or digital camera, on which it then hitchhikes to another computer.
Once on a system, the worm downloads new versions of itself from a rapidly changing list of malicious Web sites, tries to block most security software updates, and installs more malware on the machine.
"The biggest issue is replication over the network," said Sherstobitoff, who added that the USB attack vector, while serious, has so far played just a small part in the overall picture.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
security
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.














Just a Little
Just a little late with this article. The infestation of downadup.b has been growing for the past week at a alarming rate. I have been removing this worm from machines for the past week. All I have to say is any effected machine should be removed from the network due to the broadcasting of this virus.バッテリー
大阪でバッテリー販売。 セルモーターリビルト。 オルタネーターリビルト。リビルト在庫多数。大阪で電装品販売。リンク品在庫多数。大阪でウイング車モーター修理・販売・在庫多数。大阪でパワーゲート車モーター修理・販売・在庫多数。