A worm that spreads through low security networks, memory sticks, and PCs without the latest security updates is posing a growing threat to users.The malicious program, known as Conficker, Downadup, or Kido was first discovered in October 2008.
Although Microsoft released a patch, it has gone on to infect 3.5m machines. Experts warn this figure could be far higher and say users should have up-to-date anti-virus software and install Microsoft's MS08-067 patch. According to Microsoft, the worm works by searching for a Windows executable file called "services.exe" and then becomes part of that code. It then copies itself into the Windows system folder as a random file of a type known as a "dll". It gives itself a 5-8 character name, such as piftoc.dll, and then modifies the Registry, which lists key Windows settings, to run the infected dll file as a service.
How serious is it?
It is the most serious large scale worm outbreak we have seen in recent years because of how widespread it is, but it is not very serious in terms of what it does. So far it doesn't try to steal personal information or credit card details.
Who is affected?
We have large infections in Europe, the United States and in Asia. It is a Windows worm and almost all the cases are corporate networks. There are very few reports of independent home computers affected.
What does it do?
It is a complicated worm most likely engineered by a group of people who have spent time making it very complicated to analyze and remove. The real reason why they have created it is hard to say right now, but we do know how it replicates.
Once the worm is up and running, it creates an HTTP server, resets a machine's System Restore point (making it far harder to recover the infected system) and then downloads files from the hacker's web site.
Also Read : Keeping your PC Safe, Secure & Optimized – Must Read Posts