Security Best Practices, Breaking News, & Updates
The following Microsoft resources have been published to help mitigate Win32/Conficker.B infections MS08-067 Malicious Software Removal tool Win32/Conficker.B QUOTE: In response to this threat, Microsoft has: · Updated the January version of the MSFT to detect and remove variants of Win32/Conficker.B. You can download this version from the MSRT from either the Microsoft Update site or through its associatedKnowledge Base article. · Created the KB article 962007 “Virus alert about the Win32/Conficker.B worm” to provide public details on the symptoms and removal methods available to address this issue. · Announced the release of the items and the virus threat itself on the Microsoft Malware Protection Center blog.Below are additional resources that may be helpful ... Standalone cleaning tools may help in cases where malware authors are blocking the capability to download or get properly updated.Informative article on what corporate IT security departments should have in place to prevent the current 3-pronged attacks: -- Patch Management (patching plus testing to ensure everything is up-to-date) -- Reduce/Eliminate Autorun for removable devices and wide-open network shares -- Test/Strengthen passwords Trend Blog - Good Corporate Security Policies can prevent Conficker infections http://blog.trendmicro.com/security-policy...wnad-infection/ An estimated 33% of users are not up-to-date on security patches, as noted in the Computerworld article. Staying up-to-date on security patches and AV updates can provide protection. These latest MS08-067 attacks have been more potent, so please research the links at the bottom to ensure you are up-to-date.COMPUTERWORLD: 1 in 3 Windows PCs vulnerable to worm attackhttp://www.computerworld.com/action/...icleId=9126038QUOTE: January 15, 2009 (Computerworld) The worm that has infected several million Windows PCs is causing havoc because nearly a third of all systems remain unpatched 80 days after Microsoft Corp. rolled out an emergency fix, a security expert said today. Microsoft - Windows Update Web Site Microsoft - Security at Home (learn security basics) Secunia PSI - Can check your system for missing updates
Techniques for disabling AUTORUN for USB plug-in deviceshttp://technet.microsoft.com/en-us/magazine/2008.01.securitywatch.aspxhttp://support.microsoft.com/kb/953252http://nick.brown.free.fr/blog/2007/10/memory-stick-worms.html
MS08-067 Conficker worm - F-Secure offers free removal toolsftp://ftp.f-secure.com/anti-virus/tools/beta/fsmrt.zip ftp://ftp.f-secure.com/anti-virus/tools/beta/f-downadup.zip