What Morto and Conficker have in common?

I wrote many posts on this blog about Conficker and this weekend when I heard about Morto (which means Dead in Portuguese) and how it works it was like a Deja-vu. Not because they are alike from the side effect perspective, but because both exploit weak password. Let’s look the way that they spread (according…


Conficker - A Timeline View

Microsoft Malware Protection Center released yesterday (March 27th) a good post about Conficker that has a comprehensive timeline of this worm and how Microsoft acted to protect the systems against this threat. This post also reveals some insights of what to possibly expect next month (April 2009) when the subject is Conficker.   Read the…


New Conficker variant introduces new backdoor functionality

Microsoft Malware Protection Center released last Friday an update about the new Conficker variant, as MMPC’s blog says: “The new sample has modifications which introduce new backdoor functionality. Previous versions of Conficker patched netapi32.dll in memory to prevent further exploitation of the vulnerability addressed by bulletin MS08-067.”   Check it out the complete post at…


Centralized Information about Conficker

Microsoft Malware Protection Center Blog put together the latest update about Conficker worm, the attack vectors, how to prevent and how to clean the system. It is all consolidated in their blog that you can access from here:  http://blogs.technet.com/mmpc/archive/2009/01/22/centralized-information-about-the-conficker-worm.aspx  


Removing Conficker Worm

Quick post just to bring awareness about this new KB that explains how to manually remove Conficker. Follow the steps from: http://support.microsoft.com/kb/962007  


Blocking Conficker through ISA Server/TMG

Happy New Year everybody! I hope you enjoyed your new years eve because now you might want to take a look on this worm that is causing lots of headaches to all IT Admins.  MMPC (Microsoft Malware Protection Center) has a report about this malware and how to proceed to avoid infestation: http://www.microsoft.com/security/portal/Entry.aspx?Name=Worm%3aWin32%2fConficker.B Good news…