Depending upon who you believe, Wednesday, April 1, 2009 will either be a dark day for Windows computer users everywhere, or else we'll all be quoting Marvin the Martian, saying, "Where's the kaboom?" Well, hardly anything computer security related is that black-and-white, but make no mistake, this is a real virus. Microsoft is offering a $250,000 reward for the arrest and conviction of those that created the malicious program. Even the television newshour 60 Minutes spent 15 minutes discussing the potential impact. Of course, Mac and Linux users can rest easy on this front, because the virus takes advantage of vulnerabilities in Microsoft WIndows-based computers.
In short, the Conficker virus, also known as Kido or Downadup, is a worm that attempts to spread itself from one computer to another across networks and via USB flash drives. There are currently four known variants of this worm:
Purportedly the virus is currently stealthily spreading itself from one computer to another, and then lying in wait for instructions. This approach is often referred to as a botnet, where hackers assemble massive arrays of computers that lie in wait for further instructions. Purportedly April 1 is zero-hour for the Conficker army, and the actual results remain to be seen.
Fortunately, there are several actions that you can take today to protect yourself. First, back-up your data! Second, US-CERT (United States Computer Emergency Readiness Team) reports that your computer may be infected if you're unable to navigate to either of these two web sites:
Third, visit Microsoft Windows Update and make sure that your computer has all of the latest patches installed. Further guidance from Microsoft is available:
- IT Professionals:Help Protect Windows from Conficker
- Consumers:Protect Yourself from the Conficker Computer Worm
Finally, make sure that your security and antivirus software is up to date. Also, consider using a free online virus scanner to confirm that your security software hasn't been compromised. Two free options include:
As you might expect, there's much more that you can read about Conficker. This short reading list will get you started: