• Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

Conficker.C Virus

Collapse
X
  •  
  • Filter
  • Time
  • Show
Clear All
new posts

    Conficker.C Virus

    is heading this way, due to "Go Live" on April 1st. Get your AV up to date and make sure you have this patch installed

    All the gory details here.
    "Being nice costs nothing and sometimes gets you extra bacon" - Pondlife.

    #2
    Originally posted by DaveB View Post
    is heading this way, due to "Go Live" on April 1st. Get your AV up to date and make sure you have this patch installed

    All the gory details here.
    We had the joyous task of removing all trace of this from several ClientCo servers a while back, and then applying the patch that had somehow become stalled in the IT approval process.
    Where are we going? And what’s with this hand basket?

    Comment


      #3
      Originally posted by voodooflux View Post
      We had the joyous task of removing all trace of this from several ClientCo servers a while back.
      That would have been the A or B Varients then.

      This is a new version that generates around 50,000 faked URL requests per second to disguise the one it is actually communicating with. Get a few of these on your network and you can bend over and kiss your DNS goodbye in addition to the malware problems you are about to aquire.
      "Being nice costs nothing and sometimes gets you extra bacon" - Pondlife.

      Comment


        #4
        Originally posted by DaveB View Post
        That would have been the A or B Varients then.

        This is a new version that generates around 50,000 faked URL requests per second to disguise the one it is actually communicating with. Get a few of these on your network and you can bend over and kiss your DNS goodbye in addition to the malware problems you are about to aquire.
        Does it exploit the same vulnerability as the other variants?

        The network at ClientCo is so slow they probably wouldn't notice the slowdown
        Where are we going? And what’s with this hand basket?

        Comment


          #5
          Originally posted by voodooflux View Post
          Does it exploit the same vulnerability as the other variants?
          Yup, vulnerability in svchost.exe. If you patched it the last time around you should be safe this time.
          "Being nice costs nothing and sometimes gets you extra bacon" - Pondlife.

          Comment


            #6
            Originally posted by DaveB View Post
            Yup, vulnerability in svchost.exe. If you patched it the last time around you should be safe this time.
            And hopefully our anti-virus patterns are now up to date so they pick it up this time - a lot of AV vendors were caught out by the earlier variants.
            Where are we going? And what’s with this hand basket?

            Comment


              #7
              Obligatory pedantry: it's a worm, not a virus.

              Comment


                #8
                BBC News: Conficker begins stealthy update
                Where are we going? And what’s with this hand basket?

                Comment


                  #9
                  Originally posted by voodooflux View Post
                  what was foun and it's effects direct from the horses (well Trend Micro's) mouth

                  http://blog.trendmicro.com/
                  The proud owner of 125 Xeno Geek Points

                  Comment

                  Working...
                  X