Depending upon whom you believe, Wednesday, April 1, 2009 will either be a dark day for Windows computer users everywhere, or else we'll all be quoting Marvin the Martian, saying, "Where's the kaboom?" Well, hardly anything related to computer security is that black-and-white, but make no mistake, this is a real virus. Microsoft is offering a $250,000 reward for the arrest and conviction of those who created the malicious program [1]. Even the television newshour 60 Minutes spent 15 minutes discussing the potential impact [2]. Of course, Mac and Linux users can rest easy on this front, because the virus takes advantage of vulnerabilities in Microsoft Windows-based computers.
In short, the Conficker virus, also known as Kido or Downadup, is a worm that attempts to spread itself from one computer to another across networks and via USB flash drives. There are currently four known variants of this worm: Conficker.A [3], Conficker.B [4], Conficker.C [5] and Conficker.D [6].
The virus is purportedly spreading itself stealthily from one computer to another, and then lying in wait for instructions. This approach is often referred to as a botnet, where hackers assemble massive arrays of computers that lie in wait for further instructions. April 1 is purportedly zero hour for the Conficker army, and the actual results remain to be seen.
Fortunately, there are several actions that you can take today to protect yourself. First, back up your data! Second, US-CERT (United States Computer Emergency Readiness Team) reports that your computer may be infected [7] if you're unable to navigate to either of these two web sites: Symantec [8] and McAfee [9].
Third, visit Microsoft Windows Update [10] and make sure that your computer has all of the latest patches installed. Further guidance from Microsoft is available at [11] and [12].
Finally, make sure that your security and antivirus software is up to date. Also, consider using a free online virus scanner to confirm that your security software hasn't been compromised. Two free options include OneCare [13] and Trend Micro HouseCall [14].
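The US-CERT check in the second step can be scripted. The sketch below is an added example, not code from this article or from US-CERT: it probes the two sites from links [8] and [9] and compares them against a control site, so that a dead network connection is not mistaken for a sign of infection. The control host, the function names and the use of a TCP connection to port 80 as a stand-in for "navigating" to a site are assumptions.

```python
import socket

# Hostnames from links [8] and [9] on this page.
SECURITY_SITES = ["www.symantec.com", "www.mcafee.com"]
# Assumption: any ordinary site that is not security-related works as a control.
CONTROL_SITES = ["www.wikipedia.org"]


def can_reach(host, port=80, timeout=5.0):
    """Return True if the name resolves and a TCP connection succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except (OSError, UnicodeError):  # covers DNS failure, refusal and timeout
        return False


def assess(probe, security=SECURITY_SITES, control=CONTROL_SITES):
    """Classify the machine from which sites are reachable.

    probe is a callable(host) -> bool, for example can_reach.
    Returns (verdict, list of unreachable security sites).
    """
    blocked = [host for host in security if not probe(host)]
    if not blocked:
        return "no-indication", blocked
    if not any(probe(host) for host in control):
        # Nothing is reachable at all: the network is down, so the
        # result says nothing about an infection.
        return "inconclusive", blocked
    # Ordinary sites work but security sites do not: the symptom
    # described in the US-CERT alert [7].
    return "suspicious", blocked


if __name__ == "__main__":
    verdict, blocked = assess(can_reach)
    print("Verdict:", verdict)
    for host in blocked:
        print("  unreachable:", host)
```

A "suspicious" verdict is only a prompt to continue with the remaining steps; a site outage or a local firewall rule can produce the same symptom.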
As you might expect, there's much more that you can read about Conficker. This short reading list will get you started: Wikipedia [15], Snopes [16], the Wall Street Journal's Digits blog [17] and CNET [18].
Links:
[1] http://www.microsoft.com/presspass/press/2009/feb09/02-12ConfickerPR.mspx
[2] http://www.cbsnews.com/stories/2009/03/27/60minutes/main4897053.shtml
[3] http://www.microsoft.com/security/portal/Entry.aspx?Name=Worm:Win32/Conficker.A
[4] http://www.microsoft.com/security/portal/Entry.aspx?Name=Worm:Win32/Conficker.B
[5] http://www.microsoft.com/security/portal/Entry.aspx?Name=Worm:Win32/Conficker.C
[6] http://www.microsoft.com/security/portal/Entry.aspx?Name=Worm:Win32/Conficker.D
[7] http://www.us-cert.gov/cas/techalerts/TA09-088A.html
[8] http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp link_conficker_worm
[9] http://www.mcafee.com
[10] http://www.windowsupdate.com
[11] http://www.microsoft.com/conficker
[12] http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx
[13] http://onecare.live.com/site/en-us/default.htm?s_cid=sah
[14] http://housecall.trendmicro.com/
[15] http://en.wikipedia.org/wiki/Conficker
[16] http://www.snopes.com/info/search/search.asp
[17] http://blogs.wsj.com/digits/2009/03/26/conficker-dont-believe-the-hype/
[18] http://news.cnet.com/faq-conficker-time-bomb-ticks-but-dont-expect-boom/