backtop


Print 62 comment(s) - last by rcc.. on Feb 25 at 2:48 PM

The worm continues to infect a large number of computers while security experts try and figure out what to do

Microsoft has created a new technology industry posse and a $250,000 reward for people who help turn over the creators of the Conficker worm.

The Conficker worm multiplied like wildfire, and spreads through a hole found in Microsoft Windows systems, though the vulnerability was patched in October.  It also is able to disable anti-malware protection and will block an infected PC from visiting anti-malware vendors Web sites to receive updates.

Security experts are even more worried about the possibility the worm calls home every 24 hours to at least 250 servers each day for instructions or directed actions.

The Houston police department was forced to stop arresting people with traffic warrants because the worm spread its way through the police and city court's computer systems.  Violent offenders were still arrested, but those with outstanding traffic warrants were simply issued citations instead of being arrested, Houston police officials said.

There also was a Conficker outbreak among French military computers, which led to several fighter planes being grounded until everything could be fixed.

Microsoft is working with the Internet Corporation for Assigned Names and Numbers (ICANN) and PC security experts while trying to identify the worm's creators.  VeriSign, NeuStar, Public Internet Registry, Global Domains International, AOL, F-Secure, George Tech, and several other organizations have joined the fight to help capture who ever created the Internet worm.

"As part of Microsoft's ongoing security efforts, we constantly look for ways to use a diverse set of tools and develop methodologies to protect our customers," Microsoft Trustworthy Computing Group G.M. George Stathakopoulos said in a statement.  "By combining our expertise with the broader community we can expand the boundaries of defense to better protect people worldwide."

Security company Symantec reported that more than 2.2 million IP addresses over the past five days have been infected with two different forms of the worm, three months after it first hit the Internet.  To date, it's infected at least 10 million PCs since first being introduced into the wild.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: How about...
By arazok on 2/13/2009 4:35:57 PM , Rating: 1
How about just making it so windows disables internet access until patches are installed?


RE: How about...
By Dreifort on 2/13/09, Rating: -1
RE: How about...
By PhoenixKnight on 2/13/2009 5:16:14 PM , Rating: 4
Just release a patch that will kick unpatched computers offline.


RE: How about...
By Etsp on 2/13/2009 9:04:08 PM , Rating: 2
Offline to all sites other than the windows update site....


RE: How about...
By bupkus on 2/14/2009 1:08:18 PM , Rating: 2
That would require the user to install all updates, in which case they would be up to date on their security updates, nes pa?


RE: How about...
By xphile on 2/15/2009 9:31:06 PM , Rating: 2
Isn't that called a worm? Lol.


RE: How about...
By nilepez on 2/14/2009 7:44:28 AM , Rating: 3
even dial-up people can patch overnight and/or while they're at work.

Besides, in the past, I've visited friends, who have broadband, that haven't patched in months.

There's just no excuse....not even dial-up is an excuse.


RE: How about...
By AlexWade on 2/14/2009 8:21:34 AM , Rating: 3
I was working on a computer yesterday that was on a cable modem but using XP SP1. The sad fact is millions of people are ignorant and naive. They just click-click-click not ever thinking someone out there might not have their best interests in mind. And there is no class required to use a computer, nobody ever told them. That is why there is so much malware.

I did tell them to use Windows Update. Hopefully they will get SP3 which is more intuitive when it comes to security updates.


RE: How about...
By mindless1 on 2/14/09, Rating: 0
RE: How about...
By SiliconAddict on 2/14/2009 11:35:10 PM , Rating: 2
Yah because a 1MB file is really going to hurt on even dial up. Sorry but enough with the excuses. People are lazy fucktards that is all that there is too it. This is the same shit that happened with the MS blaster outbreak. Patch was out for MONTHS and yet people didn't do shit.


RE: How about...
By Dreifort on 2/16/2009 10:07:33 AM , Rating: 2
whose to say all future updates will be under 1MB??


RE: How about...
By Bateluer on 2/13/2009 4:53:36 PM , Rating: 5
If you do this, you'd have thousands, perhaps millions, of people calling various support lines, irate that they cannot get online to check their myspace.

It sounds great on paper, but most computer users are idiots.


RE: How about...
By arazok on 2/14/2009 12:20:27 AM , Rating: 1
You already have thousands, perhaps millions, of people calling various support lines, irate that they cannot get online to check their myspace. They have viruses.

I feel nothing for them. <spits>


RE: How about...
By bupkus on 2/14/2009 1:11:39 PM , Rating: 3
Most computer users are now just average consumers, looking for a good consumer experience.

Likely quote--

I paid good money for this computer... why doesn't it protect itself?

Probably answer--

Are you saying that you don't ever change the oil in your car?


RE: How about...
By fishbits on 2/13/2009 5:09:27 PM , Rating: 2
"How about just making it so windows disables internet access until patches are installed?"

If for critical seucrity patches... if you're two months out of date... and you were warned weekly after being one month out of date... and Windows offers easy automated and manual ways to update (which it already does)...

That might work. Not foolproof, but it would get a lot of the low-hanging fruit of security gains. Have a way to override this, for "emergency" cases, but make it more onerous than updating, and in the process have the user acknowledge the massive risk increase they're opting for.


RE: How about...
By mindless1 on 2/14/2009 7:11:51 PM , Rating: 2
That would be idiotic and lawsuit-inducing.


RE: How about...
By jay401 on 2/13/2009 6:53:18 PM , Rating: 2
Then you wouldn't be able to download the patches... ;P


RE: How about...
By SiliconAddict on 2/14/2009 11:37:59 PM , Rating: 2
Nope. They could leave a port open for Windows Update and that is all. It could be done, but the lazy cows out there would complain.


RE: How about...
By callmeroy on 2/16/2009 12:27:07 PM , Rating: 2
No. All users shouldn't be forced to endure inconveniences in a product because some users are too dumb to use it / maintain it properly. I don't know if it ever made it to a production car but there were experiments in the 60's within the car industry that in order for the ignition to crank over your seat belt had to be fastened.

Whether its a life saving device or a simple computer -- I'm for you should be free to use it how you want -- outside of breaking other laws with its use.


"The whole principle [of censorship] is wrong. It's like demanding that grown men live on skim milk because the baby can't have steak." -- Robert Heinlein











botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki