Conficker MS08-067 Worm - Continues to Impact Networks

Patch management is one of the most important elements of security protection.  Yet many individuals and even companies don't always do the best job in this area.  After almost a year, Conficker is alive and well on numerous unpatched systems around the world.

Conficker MS08-067 Worm - Continues to Impact Networks
http://isc.sans.org/diary.html?storyid=7189
http://www.abc.net.au/news/stories/2009/09/23/2694401.htm

QUOTE: Almost a year after it was first detected, the Conficker computer virus is still baffling security experts who say it poses the largest threat of cyber crime. They admit they are no closer to finding a cure or who is behind it, and Microsoft continues to offer a $300,000 reward for anyone who can help.

More than 5 million computers worldwide have been infected by the worm since it was discovered late last year. Rodney Joffe, the director of US communications company Neustar, says the virus is nearly impossible to remove from infected computers.

He said the virus creates cryptographic links between infected computers which are controlled by an equally malicious and distant server. "We've not been able to crack that, and in fact it's using the very latest cryptographic techniques, something called MD6, which is something that we don't expect to be able to crack for many years," Mr Joffe said.

Conficker Worm - Spread rapidly world-wide on unpatched systems
www.f-secure.com/weblog/archives/00001646.html

Conficker Worm - How to test your system
(Do you see all 6 images?)
www.confickerworkinggroup.org/infection_test/cfeyechart.html