Subscribe

Get the Network Administrators tool pack

Subscribe to our newsletter and get 11 free network administrator tools, plus a 30 page user guide so you can get the most out of them.

Click Here to get your free tools

Recent Posts

Search

Archives

Microsofts Warns of Worm Attack

by Steve Wiseman on December 1, 2008 · 0 comments

in Flaw,Windows


.

Security researchers at Microsoft last week warned of a significant increase in exploits of the SMB flaw in Windows. The flaw was patched with an emergency fix last month. Microsoft again urged users to install the patch if they have not already done so.

The patch can be found here

Microsoft’s malware protection center said an increase in attacks began last weekend. This is right in line with the rumor I posted a while back that indicated this would happen near the Thanksgiving holiday.

The latest maleware to exploit this flaw is called “Conficker.a” by Microsoft, and “Downloadup” by Symantec. It exploits the flaw in SMB and then installs itself on the target machine. The purpose of the maleware is not clear yet, but it has been studied by security researchers. This is what they have found so far

-It Avoids Ukrainian IP address ranges. This possibly means it was created by someone in this area of the world. It is a common tactic used to reduce the chance of action by local authorities.

-Even more interesting, the worm patches the flaw. This is done so other viruses cannot take the place of it.

-The worm resets the machine’s restore point. Which will make it difficult or impossible to “roll back” windows from a pre-infection state.

It is clear that if you have installed the patch, you are safe. If you have not installed the patch yet I would suggest getting to it as fast as you can. In addition, as a precaution you should always make sure that your SMB services are not available from the public Internet – you never know what other flaws are still hiding in this very old part of Windows.

One more thing…Subscribe to my newsletter and get 11 free network administrator tools, plus a 30 page user guide so you can get the most out of them. Click Here to get your free tools

Related Articles:

Leave a Comment

Category Links - Windows Forum - Exchange Forum