MS08-067 Worm Dangers - New Conficker variants manipulate AUTORUN.INF
The latest variants of Conficker has spread to over 3 million PCs and Servers worldwide as it uses multiple techniques to spread to vulnerable systems. The MS08-067 patch must be applied to help prevent infections, along with keeping removable media unplugged until needed in transferring information. Corporate security administrators should ensure network shares and passwords are properly locked down as well
How Big is Downadup? Very Big.
QUOTE: Today's total infection count is an estimated 3,521,230 infections worldwide
Conficker's autorun and social engineering
Very Deceptive AUTORUN.INF tactics are used
QUOTE: F-Secure posted some interesting information about the number of infections which is almost certainly in millions (and who knows how many machines will stay infected as the owners will not even notice anything). One of the reasons for infecting so many machines is that Conficker uses multiple infection vectors:
1.It exploits the MS08-067 vulnerability
2.It brute forces Administrator passwords on local networks and spreads through ADMIN$ shares
3.It infects removable devices and network shares by creating a special autorun.inf file and dropping its own DLL on the device.
More on MS08-067 Worm developments
Techniques for disabling AUTORUN for USB plug-in devices
MS08-067 Conficker worm - F-Secure offers free removal tools
PATCH NOW - if there are any servers or PCs that need this critical update. Home users can employ the Windows Update process. More information can be found in the link below:
MS08-067 Security Patch Information