http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx
Protect yourself from the Conficker computer worm
Published: March 27, 2009
The Conficker worm is a computer worm that can infect your computer and spread itself to other computers across a network automatically, without human interaction.
If you are an IT professional, please visit Conficker Worm: Help Protect Windows from Conficker.
On This Page Am I at risk of having the Conficker worm?
What does the Conficker worm do?
How does the Conficker worm work?
How do I remove the Conficker worm?
Where can I find more technical information about the Conficker worm and how can I stay up to date on the Conficker worm?
Am I at risk of having the Conficker worm?
Most antivirus software could detect and block the Conficker worm, so if you have updated antivirus software on your computer, you are at a much lower risk of being infected by the Conficker worm.
If you or your network administrator have not installed the latest security updates from Microsoft and your antivirus provider, and if you have file-sharing turned on, the Conficker worm could allow remote code execution. Remote code execution allows an attacker to take control of your computer and use it for malicious purposes.
Top of page
What does the Conficker worm do?
To date, security researchers have discovered two variants of the worm in the wild.•
Win32/Conficker.A was reported to Microsoft on November 21, 2008.
•
Win32/Conficker.B was reported to Microsoft on December 29, 2008.
•
Win32/Conficker.C was reported to Microsoft on February 20, 2009.
•
Win32/Conficker.D was reported to Microsoft on March 4, 2009.
Win32/Conficker.B might spread through file sharing and via removable drives, such as USB drives (also known as thumb drives). The worm adds a file to the removable drive so that when the drive is used, the AutoPlay dialog will show one additional option.
The Conficker worm can also disable important services on your computer.
In the screenshot of the Autoplay dialog box below, the option Open folder to view files — Publisher not specified was added by the worm. The highlighted option — Open folder to view files — using Windows Explorer is the option that Windows provides and the option you should use.
If you select the first option, the worm executes and can begin to spread itself to other computers.
Tidak ada komentar:
Posting Komentar