Keep the latest worm infestation off your PC

Woody leonhard By Woody Leonhard

It’s been a hellacious week for security admins all over the world: the polymorphic worm known as Downadup, Conficker, and Kido has infected millions of computers.

Fortunately, you can scan, scour, and secure your systems by following four relatively simple steps.

Remember the patch that Microsoft released suddenly — “out of cycle” in the parlance — back in October 2008? Windows Secrets followed suit with an out-of-cycle news bulletin about the patch on Oct. 24. Susan Bradley recommended that readers immediately install the update described in MS08-067 (KB article 958644) to protect against “a remote-code attack that could spread wildly across the Internet.”

Just as Susan predicted, the remote-code attacks started appearing shortly thereafter. On Oct. 26, Christopher Budd of the Microsoft Security Response Center posted the following in the MSRC blog:

“We are aware that people are working to develop reliable public exploit code for the vulnerability. We are aware of discussion about code posted on a public site, but our analysis has shown that code always results in a denial of service, to demonstrate the vulnerability. So far, we’ve not seen evidence of public, reliable exploit code showing code execution.”

By mid-November, the Microsoft Malware Protection Center (MMPC) said in a blog posting that it had collected “over 50 distinct exploits of this vulnerability.” However, MMPC said the instances were very limited: “We’re getting a very small number of customer reports for these attacks.”

This article is part of our premium content. Join Now.

Already a paid subscriber? Click here to login.

= Paid content

All Windows Secrets articles posted on 2009-01-22:

Woody Leonhard

About Woody Leonhard

Woody Leonhard is a Windows Secrets senior editor and a senior contributing editor at InfoWorld. His latest book, the comprehensive 1,080-page Windows 8 All-In-One For Dummies, delves into all the Win8 nooks and crannies. His many writings tell it like it is — whether Microsoft likes it or not.