How to combat the W32/Conficker worm
Technical Articles ID:
KB60909
Last Modified: 4/7/2017
Last Modified: 4/7/2017
How to combat the W32/Conficker worm
Technical Articles ID:
KB60909
Last Modified: 4/7/2017 EnvironmentMcAfee AntiSpyware Enterprise 8.x
McAfee Labs (AVERT) McAfee Labs Stinger McAfee SaaS Endpoint Protection 5.x McAfee VirusScan Enterprise 8.x W32/Conficker (all variants) SummaryW32/Conficker is a worm with multiple variants. It exploits a buffer overflow vulnerability in the Server Service on Windows computers. McAfee Labs has named the most recently discovered variant of this worm W32/Conficker.worm.gen.d.
The W32/Conficker worm attaches itself to several prominent Windows processes including:
It also connects to a remote server for additional commands. It can receive instructions to propagate to other systems, gather personal information, or to download and install additional malware on the infected system.
See the Conficker- Note to Customers document attached to this article for more information and links to other resources. SolutionIMPORTANT: See the Combating W32 Conficker worm document attached to this article for detailed information on detecting and removing the W32/Conficker.worm.
W32/Conficker.worm attack symptoms
Characteristics
Variants
What to do next
IMPORTANT: See the Combating W32 Conficker worm document attached to this article for detailed information on detecting and removing the W32/Conficker.worm.
Related InformationFor breaking information from McAfee Labs about the latest virus alerts and security threats, see http://www.mcafee.com/us/mcafee-labs.aspx.
AttachmentAttachmentAffected ProductsGlossary of Technical Terms |
|