How to prevent Conficker (Downadup) worm

In just a short time, the Conficker worm, called Downadup, infected 9 million computers. Some basic information will help computer users to prevent Downadup (Conficker) from entering their PC.

Conficker or Downadup takes advantage of an integrated Windows Server service security bug in almost every Windows version - from Windows 2000, XP, Vista, Server 2003 to Server 2008 - to attack and infect user PCs and internal networks. the set that the computer connects to.

When enabled, Conficker will block some system services such as Windows Automatic Update, Windows Security Center, Windows Defender, and Windows Error Reporting. Next, Conficker connects to a malicious server to download other malicious code installed on the victim's computer.

Conficker spreads in three ways

How to prevent Conficker (Downadup) worm Picture 1 1. Deep attack on Windows Server service security error. Computers that have not updated the emergency patch released from Microsoft can be attacked remotely.

2. Conficker can "guess" or " brute force " the admin password used by local networks and spread through shared folders in the network.

3. The auto-activation function of Conficker will execute when an external storage device has infected Conficker attached to the computer.

How to prevent Conficker

1. The Conficker worm is more dangerous than other worms because it can randomly set up its file format to prevent security programs from detecting it. Windows users need to set the scan mode for all file types for the anti-virus installed on the device.

2. Microsoft has put Conficker on the "kill" list of the Microsoft Software Removal Tool (MSRT) security tool in the latest update. The rest depends on the user itself, just update Windows regularly or turn on automatic update mode.

3. The third way is less relevant to ordinary users but for network administrators, is to use the Conficker blocklist of security vendor F-Secure to prevent Conficker worm from connecting to websites.

4. The last way is to prevent the ability to activate Conficker (Downadup) by locking the autorun function so that the computer is not infected when connecting to a USB storage device or storage device. Other storage contaminated with Conficker.