Sunday, January 25, 2009

Microsoft battles worm, rebuts CERT Claim

Microsoft is trying to control the Conficker worm on two fronts: both the bug itself and news about how it's handling it.

Conficker first surfaced in October of 2008 when Redmond patched a flaw in Windows' remote procedure call requests.

On Thursday, Roger Halbheer, chief security adviser for Microsoft's Europe, Middle East and Africa Group, disputed findings in an alert issued by the U.S. Computer Emergency Readiness Team (CERT).

CERT suggested that the Windows AutoRun feature, which could be tapped to run malicious programs in Windows environments, should be disabled. Doing so would limit the spread of bug strains like Conficker. Moreover, CERT described Microsoft's guidelines for disabling AutoRun as ineffective, exacerbating the vulnerability.

Halbheer objected to CERT's claim in his blog post. He pointed to a Knowledgebase article describing how Windows users can disable the AutoRun registry key and prevent incursions from removable media, such as USB flash drives.

Microsoft faces a tall order in getting out the word that a fix exists, while quelling the concerns of users and system administrators. It's a global problem, too.

"Quenching the outbreak is going to be difficult due to the ISPs not wanting to get involved with supervising the traffic of their users," said Phil Lieberman, president of Los Angeles-based Lieberman Software. "Consumers cannot shut down those that are attacking them since they would be legally liable and the government is prohibited from stopping the outbreak because there are no laws that allow it because of offshore control of the botnet."

Lieberman added, "I have to tell you, it's a good day to be a cyber-criminal running a botnet, and an even better day to be an antivirus vendor."

The Conficker worm may be one of the largest botnet bugs ever created. It got its name from a circle of German hackers and security researchers. The name is a combination of "con" and "ficken," the German verb for configure. It's not clear how far the Conficker worm has spread around the world. Reports have suggested that as few as 2.5 million and as many as 10 million PCs have been infected.
