National Cyber Alert System – Cyber Security Alert SA09-088A
Conficker Worm Targets Microsoft Windows Systems
Original release date: March 29, 2009
Last revised: –
Source: US-CERT
Systems Affected
* Microsoft Windows
Overview
US-CERT is aware of public reports indicating a widespread
infection of the Conficker worm, which can infect a Microsoft
Windows system from a thumb drive, a network share, or directly
across a network if the host is not patched with MS08-067.
Solution
Install updates
The updates to address these vulnerabilities are available on the
Microsoft Update site. We recommend enabling Automatic Updates.
Description
The presence of a Conficker infection may be detected if a user is
unable to surf to the following websites:
* http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp_link_conficker_worm
* http://www.mcafee.com
If a user is unable to reach either of these websites, a Conficker
infection may be indicated (the most current variant of Conficker
interferes with queries for these sites, preventing a user from
visiting them). If a Conficker infection is suspected, the user
should run the Microsoft Windows Malicious Software Removal Tool
and install updates available from the Microsoft Update site.
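
The name-resolution check described above can be scripted for triage. This is an added example, not part of the US-CERT alert: the control hostname `www.example.com` and the function names are assumptions, and a "suspect" verdict is only the indicator the alert describes, to be followed by the removal tool and updates.

```python
import socket

VENDOR_HOSTS = ("www.symantec.com", "www.mcafee.com")  # sites named in the alert
CONTROL_HOSTS = ("www.example.com",)  # assumption: any unrelated site known to be up


def os_resolve(host):
    """Return the addresses the operating system's resolver gives for host."""
    try:
        infos = socket.getaddrinfo(host, 80, proto=socket.IPPROTO_TCP)
    except (OSError, UnicodeError):
        # Resolution failed (socket.gaierror is a subclass of OSError).
        return []
    return sorted({info[4][0] for info in infos})


def assess(resolve=os_resolve, vendors=VENDOR_HOSTS, controls=CONTROL_HOSTS):
    """Classify this host from which names resolve.

    no-indicator - every vendor name resolves
    suspect      - a vendor name fails while a control name resolves
    inconclusive - vendor and control names both fail (general DNS or
                   network fault, so nothing can be concluded)
    """
    blocked = [h for h in vendors if not resolve(h)]
    if not blocked:
        verdict = "no-indicator"
    elif any(resolve(h) for h in controls):
        verdict = "suspect"
    else:
        verdict = "inconclusive"
    return {"verdict": verdict, "blocked": blocked}


if __name__ == "__main__":
    result = assess()
    print(result["verdict"], ", ".join(result["blocked"]))
```

Run it on the host being checked, using that host's normal resolver settings, since the interference the alert describes happens on the infected system itself.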
References
* Microsoft Windows Malicious Software Removal Tool -
<http://www.microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356>
* Microsoft Updates Website -
<http://update.microsoft.com/microsoftupdate/>
* US-CERT Technical Cyber Security Alert TA09-088A -
<http://www.us-cert.gov/cas/techalerts/TA09-088A.html>
* Virus alert about the Win32/Conficker.B worm -
<http://support.microsoft.com/kb/962007>
* The Conficker Worm -
<http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm>
* W32/Conficker.worm -
<http://us.mcafee.com/root/campaign.asp?cid=54857>
* Microsoft Automatic Updates -
<http://www.microsoft.com/windows/downloads/windowsupdate/automaticupdate.mspx>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/alerts/SA09-088A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <c...@cert.org> with “SA09-088A Feedback VU#827267” in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
March 29, 2009: Initial release
