Conficker worm exploits Microsoft MS08-067 vulnerability

by Graham Cluley on November 27, 2008 | Comments Off

Filed Under: Malware, Vulnerability

Back in October I warned you about a critical security vulnerability found in some versions of Microsoft Windows.

Known as as MS08-067, Sophos published information about this serious vulnerability and warned of the potential for worms to be written which would exploit the security hole.

Yesterday, we began to receive reports of a new piece of malware (W32/Confick-A, also known as Conficker) that attempts to spread by exploiting this vulnerability.

If the knowledge that Microsoft chose to release a security patch outside of its normal monthly cycle wasn't enough to stir you into action, then news of the new worm definitely should. It's always better to do everything possible in advance of a piece of malware being released, rather than mopping up afterwards.

If you haven't already done so, get the patch from Microsoft, and make sure your anti-virus is properly up-to-date.

Tags: Conficker, downadup, Microsoft

About the author

Graham Cluley is senior technology consultant at Sophos. The readers of Computer Weekly voted him security blogger of the year in 2009 and 2010, and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which was nice. He was also named "Best Security Blogger" by the readers of SC Magazine in 2011. You can subscribe to Graham's updates on Facebook, follow him on Twitter and circle him on Google Plus for regular updates.

View all posts by Graham Cluley