Conficker and Microsoft Anti-Malware Software


I want to add a few things as it is still not over: More and more enterprises are still hit. My last blog post showed you what you can do but I wanted to add two resources and a comment.

The comment first: There were some discussions about our Anti-Malware solution. We had protections in all our products (Forefront, OneCare, our Online Safety Scanner) since December 29th. Additionally MSRT (the Malicious Software Removal Tool) removes Conficker since yesterday.

A lot of infections we see at the moment are because of

  • Unpatched machines
  • AV-Software still not detecting this malware. So, you definitely should think about which AV-solution you are running in the future if three weeks after such a breakout you are still unprotected!

Now to the two resources:

Our Malware Protection Center published a post on Conficker yesterday with an excellent picture of the infection vectors:

original[1]

And the Microsoft Security Response Center posted as well.

Roger

Comments (3)

  1. Anonymous says:

    thank you

  2. Anonymous says:

    I just removed a comment wiht a script on how you can remove Conficker as I cannot (and do not want to) prove it.

    If you need to remove Conficker, use the Malicious Software Removal Tool to be found on the Microsoft webpage

    Roger