Downadup, the superworm that attacks a patched vulnerability in Microsoft Windows, is making exponential gains if estimates from researchers at F-Secure are accurate. They show 6.5 million new infections in the past four days, bringing the total number of machines it has compromised to almost 9 million.This is bad - really bad.
So what do you do? Well, if you use Macintosh or Linux, you can kick back and have a beer. Windows users, not so much:A confluence of factors are responsible for the growth of Downadup, which also goes by the name Conficker.
For one, the underlying vulnerability allows for self-replicating attacks in the 2000, XP, and Server 2003 versions of Windows. And for another, the malware authors have cleverly designed exploits that spread via flash and network drives, online trojans, and social engineering features that allow it to spread like wildfire within a local network once a single machine is compromised.
- Your antivirus is very unlikely to stop this. Antivirus is shooting at a moving target, and it probably hasn't caught up to this one yet.
- Microsoft's Windows Update malware removal tool doesn't grok Downadup. Removal tools from antivirus vendors (for example, Symantec) are old and out of date.
The best thing that you can do is make sure that each of your Windows computers has been patched for the vulnerability that the Worm exploits. A lot of folks haven't.
No comments:
Post a Comment