Conficker worm exploits Microsoft MS08-067 vulnerability

Filed Under: Malware, Microsoft, Vulnerability


Back in October I warned you about a critical security vulnerability found in some versions of Microsoft Windows.

Known as as MS08-067, Sophos published information about this serious vulnerability and warned of the potential for worms to be written which would exploit the security hole.

Yesterday, we began to receive reports of a new piece of malware (W32/Confick-A, also known as Conficker) that attempts to spread by exploiting this vulnerability.

If the knowledge that Microsoft chose to release a security patch outside of its normal monthly cycle wasn't enough to stir you into action, then news of the new worm definitely should. It's always better to do everything possible in advance of a piece of malware being released, rather than mopping up afterwards.

If you haven't already done so, get the patch from Microsoft, and make sure your anti-virus is properly up-to-date.

, ,

You might like

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley