Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11How to prevent Conficker (Downadup) worm
In just a short time, the Conficker worm, called Downadup, infected 9 million computers. Some basic information will help computer users to prevent Downadup (Conficker) from entering their PC.
Conficker or Downadup takes advantage of an integrated Windows Server service security bug in almost every Windows version - from Windows 2000, XP, Vista, Server 2003 to Server 2008 - to attack and infect user PCs and internal networks. the set that the computer connects to.
When enabled, Conficker will block some system services such as Windows Automatic Update, Windows Security Center, Windows Defender, and Windows Error Reporting. Next, Conficker connects to a malicious server to download other malicious code installed on the victim's computer.
Conficker spreads in three ways
1. Deep attack on Windows Server service security error. Computers that have not updated the emergency patch released from Microsoft can be attacked remotely.
2. Conficker can "guess" or " brute force " the admin password used by local networks and spread through shared folders in the network.
3. The auto-activation function of Conficker will execute when an external storage device has infected Conficker attached to the computer.
How to prevent Conficker
1. The Conficker worm is more dangerous than other worms because it can randomly set up its file format to prevent security programs from detecting it. Windows users need to set the scan mode for all file types for the anti-virus installed on the device.
2. Microsoft has put Conficker on the "kill" list of the Microsoft Software Removal Tool (MSRT) security tool in the latest update. The rest depends on the user itself, just update Windows regularly or turn on automatic update mode.
3. The third way is less relevant to ordinary users but for network administrators, is to use the Conficker blocklist of security vendor F-Secure to prevent Conficker worm from connecting to websites.
4. The last way is to prevent the ability to activate Conficker (Downadup) by locking the autorun function so that the computer is not infected when connecting to a USB storage device or storage device. Other storage contaminated with Conficker.
Kareem WintersYou should read it
- 7 things to know to prevent Conficker worm
- Akamai: Conficker worm is still spreading
- Conficker worm still silently grows
- China: Millions of computers infected with the Conficker worm
- Passwords are simply 'fat bait' of Conficker worm
- Conficker.e started to implement 'money-making mission'
- Conficker's victim has reached 7 million
- The new worm 'digs' a Windows vulnerability
May be interested
- Conficker worm wakes up via peer-to-peer sharing
one week after april 1, conficker got the first move and the infected computer got a new payload via p2p channel. - Conficker worm 'terrorizes' US Utal Universityofficials at the university of utah (usa) over the weekend said there were a total of more than 700 pcs on the computer network that were infected with conficker.
- Conficker worm still raging in TM Datacenter data centercalled conficker, the type of computer sieves spread across millions of computers around the world and left tremendous consequences.
- Conficker controls 4% of globally infected PCsibm's security department claims that every 25 domain names used to download malicious data on the internet are under the control of a dangerous computer worm.
- Deeper computer fakes 'more famous'thanks to mimicking some of conficker's infection strategies, the little known worm of neeris over the weekend caused a surprise.
- April Fool's Day remembers the worm Conflickerjust a year ago, the conficker worm kept the global security community in a red alert state and until now, the danger of this worm is not over.
- The third variant of Conficker appearsnot only is the ability to spread rapidly, conficker.c also has the ability to disable all attacks of the antivirus programs.
- W32.Downadup.B outbreaks during the holiday seasonsymantec recommends that users should update the patches immediately to handle the vulnerabilities in remote code execution for microsoft windows server service rpc.
- Conficker.C 'timer' broke out on April 1security researchers from ca have discovered that the third variant of the conficker strain has been 'scheduled' to activate on april 1 next.
- Conficker starts firing around the worldnot opening a new frantic attack on the 1st of april as many people predicted, the conficker is silently activating and slowly aiming to 'sleep' users
ILife Trojan is available in pirated Photoshop CS4
Trojan-Downloader.Win32.Agent.mee
New variant of 'extremely toxic' virus appears
The fast-paced 'mobile phone virus'