Microsoft yesterday released the Security Intelligence Report (vol. 12), which says that the Conficker worm has been detected in 1.7 millions PCs, approximately 220 million times worldwide in the past two and a half years.

What is Conflicker?

Other names: Downup, Kido.

This is a worm which works as a key loggers and steal user name and passwords from infected PCs. It may infect svchost.exe, services.exe or explorer.exe on target computers. It may attack computers using NetBIOS hack to generate very high network traffic.

Its first variant was discovered in November 2008, and it is still continue to spread. The worm targets only MS Windows Operating systems.

The main reason for propagation of the threat is weak passwords, that can be guessed easily. Some of your friends would also have been using passwords like 123, admin, admin123, administrator, asdfgh, and the word 'password' itself.

Report says that that 92% of infections were a result of weak or stolen passwords, and 8 percent of infections exploited vulnerabilities for which a security update exists.


  • Some Microsoft Windows services such as Automatic Updates, BITS, Defender and Error Reporting disabled.

  • Account lockout policies being reset automatically.

  • Congestion on LAN traffic

  • Domain controllers responding slowly to client requests

  • Web sites related to antivirus software or the Windows Update service becoming inaccessible.

  • User accounts locked out.

Recommendations from Microsoft

There is not any specific guidelines released, but make sure that you are in safe side by adhering to the following fundamentals.

  • Use Strong Passwords - Microsoft OSs are also used in home computers, so doesn't force users to set strong passwords, but highly recommends for that.

  • Don't make any delay in applying available security updates.

  • Use antivirus/anti-malware software from a trusted vendor.

  • Invest in newer products with a higher quality of software protection.

  • Consider the cloud as a business resource.

[Source: Microsoft News Center]

Post tagged in: MicrosoftSecurity