Sponsor for PC Pals Forum

Author Topic: Windows worm trickery for Vista  (Read 698 times)

Offline Clive

  • Administrator
  • *****
  • Posts: 75153
  • Won Quiz of the Year 2015,2016,2017, 2020, 2021
Windows worm trickery for Vista
« on: January 21, 2009, 17:25 »
The Conficker virus has opened a new can of worms for security experts.

Drives such as USB sticks infected with the virus trick users into installing the worm, according to researchers.

The "Autoplay" function in Vista and early versions of Windows 7 automatically searches for programs on removable drives.

However, the virus hijacks this process, masquerading as a folder to be opened. When clicked, the worm installs itself.

It then attempts to contact one of a number of web servers, from which it could download another program that could take control of the infected computer.

The worm is unusually clever in the way that it determines what server to contact, according to F-Secure's chief research officer Mikko Hypponen.

"It uses a complicated algorithm which changes daily and is based on timestamps from public websites such as Google.com and Baidu.com," said Mr Hypponen in a blog post.

"This makes it impossible and/or impractical for us good guys to shut them all down — most of them are never registered in the first place.

"However, the bad guys only need to predetermine one possible domain for tomorrow, register it, and set up a website — and they then gain access to all of the infected machines," he added.

It has also emerged that the virus automatically disables the automatic updates to Windows that would prevent further infection.

As the virus - also known as Downadup - has spread to an estimated 9m computers globally, a number of high-profile instances of the virus have arisen.

The Ministry of Defence has been battling an outbreak of the virus across its network for more than two weeks, and on Tuesday a network of hospitals across Sheffield told technology website The Register that more than 800 of their computers had been infected.

Users are urged to download the KB958644 Security Update from Microsoft to mitigate the risk of infection.

 
http://news.bbc.co.uk/1/hi/technology/7842013.stm

Offline Rik

  • Former Admin
  • *****
  • Posts: 26506
  • Ceud mille failte
Re: Windows worm trickery for Vista
« Reply #1 on: January 21, 2009, 17:35 »
Users should have installed this update last October, of course.
Slainthe!

Rik

Offline Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: Windows worm trickery for Vista
« Reply #2 on: January 21, 2009, 18:58 »
There IS a point to Windows Update!  ;)
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline Rik

  • Former Admin
  • *****
  • Posts: 26506
  • Ceud mille failte
Re: Windows worm trickery for Vista
« Reply #3 on: January 22, 2009, 10:19 »
There is?  ;)
Slainthe!

Rik


Show unread posts since last visit.
Sponsor for PC Pals Forum