Don't Let April Fools Trick You
April 1 Conficker Worm May Be Harmless – Or Devastating
The Conficker worm first appeared in late 2008 and made headlines earlier this year when it affected over 9 million computers worldwide. It disables some of the victim's security services and blocks access to security Web sites, while granting a "master machine" access to the infected computer.
Conficker is now in its third variant, with the Conficker C worm set to do something -- we're not sure what -- on the hard-coded date of April 1. It could be something relatively benign, like spontaneously launching a bunch of pop-ups. Or the master machine might send out a message to all the infected computers across the globe to launch a denial-of-service attack or look for personal information on their hard drive.
Because we don't know what April 1 will bring, it's absolutely necessary to be proactive.
Conficker often disables anti-virus software when it infects a machine, so make sure your anti-virus services are actually working. Run a scan, update your definitions, and make sure you've installed all your latest Windows patches, especially MS08-067 which patches the primary vulnerability Conficker is exploiting to compromise systems.
Then sit back and hope that the pranksters behind Conficker C are feeling more nice than naughty on April Fool's Day.
Bonus Round: New Scareware Alert
We've been hearing a lot through our own customers and colleagues about the Vundo virus. It basically installs itself on your machine and then encrypts your jpegs, PDFs, and Word documents -- which you can decrypt by buying a $40 license for a product called "FileFix Pro 2009." Security experts call this kind of scheme "ransomware".
One Internet security company has already figured out how to disable the encryption using a simple Perl Script
. But if you don't happen to have a Perl engineer to disable Vundo, stay vigilant about scareware soliciations and think before you click on any sudden or alarming security messages.
If you can’t seem to find the time to run a full system scan, or if you’ve put off installing security updates because you’ve got more pressing tasks to attend to, you might look into a managed services program like CMIT Marathon. Marathon automatically updates your antivirus and antispyware definitions and regularly runs system scans so that you can rest easier about your computer’s security. For more information, click here