| By Susan Bradley |
Though the Conficker worm’s infection rate appears to have peaked, the millions of now-compromised PCs constitute a potential botnet bonanza.
Most Conficker-infected PCs are in China, Russia, and Brazil, where pirating is prevalent and patching is rare; the U.S. infection rate is much lower.
Waiting for the Conficker botnets to strike
The spread of the worm known as Conficker, Downadup, and Kido is slowing, according to a study by virus research firm F-Secure, but the malware’s damage may not be over. As reported by Windows Secrets contributing editor Woody Leonhard in his Jan. 22 Top Story, the defense against this worm is to install the patch described in MS08-067 (958644).
The F-Secure research indicates that more than 4 out of 10 of the PCs infected with this worm are in China (15.1%), Russia (13.9%), and Brazil (11.9%). Only slightly more than 1% of infected PCs are associated with IP addresses in the U.S.
Many of the PCs in countries where Conficker infection is rampant, including India and Ukraine, run pirated copies of Windows. These systems are much less likely to be patched on a regular basis, which makes them vulnerable to this and other malware.
If you’re unsure whether you’ve installed the patch that thwarts Conficker, click Start (Start, Run in XP), type appwiz.cpl, and press Enter. In Windows XP, make sure Show updates is checked at the top of the Add or Remove Programs window. In Vista, click View installed updates in the top-left pane. Look for Security Update for Microsoft Windows (KB958644).