Conficker has gone out of control, so much that Microsoft are now offering a $250,000/£172,000 reward for anyone who finds the culprit who wrote the virus. According to statistics, the virus has now infected over 12,000 computers. Read more about this virus, its effects on the world and other virii that have been written and culprits caught by generous offers of rewards by Microsoft’s Trustworthy Computing Group.
Posts Tagged Virus
Some people say who needs virus software and others think patching is for rainy days and as such, there’s no need to keep systems up-to-date. One of those "companies" is the French Navy. If you understand French, it’s been reported that the Conficker virus has taken their network by storm. Oops. They’ve had to cut network connectivity to the Navy network. Back to the telephone and snail mail for the time being boys…
Seems that it happened or was initiated on 12 Jan and was probably brought on to the network via a USB key. They say that it hasn’t affected the main "operational networks" but its still a kick in the teeth for a military type organisation for this to have hit them. Bet they start patching more frequently now and keep a tighter reign on things.
Nine of out 10 critical bugs reported by Microsoft last year could have been made moot, or at least made less dangerous, if people ran Windows without administrative rights, a developer of enterprise rights management software has claimed.
BeyondTrust, which touts its Privilege Manager as a way for companies to lock down PCs, tallied the individual vulnerabilities that Microsoft disclosed in 2008, then examined each accompanying security bulletin. If the bulletin’s "Mitigating Factors" section, the part that spells out how to lessen the risk of attack or eliminate it entirely, said that users with fewer rights "could be less impacted than users who operate with administrative rights," BeyondTrust counted the bug.
The vast majority of critical Microsoft vulnerabilities — 92% of them — could have been mitigated by stripping users of administrative rights, said John Moyer, the CEO of BeyondTrust. "This speaks to what enterprises should be doing," Moyer said. "Clearly, eliminating administrative rights can close the window of opportunity of attack."
Of the 154 bugs published and patched by Microsoft in 2008, critical or not, 69% would have been blocked or their impact reduced by configuring users to run without administrative rights, said the company.
…via parking tickets. Yup, that’s right. Some clever skript kidz in the USA have decided it best to spread virii by placing what looks like a parking ticket on the windows of what they hope are unprotected and lay users. What happens next? The user goes home, types in the URL and BANG, infected!
Quite clever if your machine isn’t up to date and yet another reason not to believe everything is real until you know it is (shameless plug for taking a Certificate Authority Class like MS 6424) 😉