3/31/2009

Last-minute Conficker survival guide

Tomorrow -- April 1 -- is D-Day for Conficker, as whatever nasty payload it's packing is currently set to activate. What happens come midnight is a mystery: Will it turn the millions of infected computers into spam-sending zombie robots? Or will it start capturing everything you type -- passwords, credit card numbers, etc. -- and send that information back to its masters?

No one knows, but we'll probably find out soon.

Or not. As Slate notes, Conficker is scheduled to go "live" on April 1, but whoever's controlling it could choose not to wreak havoc but instead do absolutely nothing, waiting for a time when there's less heat. They can do this because the way Conficker is designed is extremely clever: Rather than containing a list of specific, static instructions, Conficker reaches out to the web to receive updated marching orders via a huge list of websites it creates. Conficker.C -- the latest bad boy -- will start checking 50,000 different semi-randomly-generated sites a day looking for instructions, so there's no way to shut down all of them. If just one of those sites goes live with legitimate instructions, Conficker keeps on trucking.
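A defender's view of the rendezvous behaviour described above, as an added example that is not part of the original article: a machine working through a long list of generated names leaves a trail of failed lookups for random-looking domains in resolver logs. The log format, the thresholds and the sample lines are assumptions constructed for illustration.

```python
import math
from collections import Counter, defaultdict

# Constructed resolver log lines: "<client> <queried name> <response code>".
# Names use reserved example TLDs; none are real indicators.
SAMPLE_LOG = """\
10.0.0.5 www.example.com NOERROR
10.0.0.5 wwww.example.com NXDOMAIN
10.0.0.5 download.example.net NXDOMAIN
10.0.0.7 qzkvtpwxhd.example NXDOMAIN
10.0.0.7 mbnrywqcfj.example NXDOMAIN
10.0.0.7 hxtjplgkzs.example NXDOMAIN
10.0.0.7 hxtjplgkzs.example NXDOMAIN
10.0.0.7 vdcqwnrmyb.example NXDOMAIN
10.0.0.9 tkwzqvhpxr.example NXDOMAIN
"""

def label_entropy(label):
    """Shannon entropy (bits per character) of a DNS label."""
    counts = Counter(label)
    n = len(label)
    return -sum(c / n * math.log2(c / n) for c in counts.values())

def looks_generated(name, min_len=8, min_entropy=2.8):
    """Rough heuristic: long, all-letter first label with few repeated characters.
    The cut-offs are assumed values; real words can pass, so this is only
    meaningful combined with the failed-lookup count below."""
    label = name.split(".")[0].lower()
    return label.isalpha() and len(label) >= min_len and label_entropy(label) >= min_entropy

def suspicious_clients(log_text, threshold=3):
    """Return {client: count} for clients with at least `threshold` distinct
    random-looking names that failed to resolve."""
    failed = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        client, name, rcode = parts
        if rcode == "NXDOMAIN" and looks_generated(name):
            failed[client].add(name.lower())  # a set ignores repeated queries
    return {c: len(names) for c, names in failed.items() if len(names) >= threshold}

if __name__ == "__main__":
    for client, count in suspicious_clients(SAMPLE_LOG).items():
        print(f"{client}: {count} distinct failed lookups for random-looking names")
```

A single mistyped address, like the ones from 10.0.0.5 in the sample, stays below the threshold; only the host with a run of distinct failures is reported.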

Conficker's a nasty little worm that takes serious efforts to bypass your security defenses, but you aren't without some tools in your arsenal to protect yourself.

Your first step should be the tools you already have: Windows Update, to make sure your computer is fully patched, and your current antivirus software, to make sure anything that slips through the cracks is caught.

But if Conficker's already on your machine, it may bypass certain subsystems, and updating Windows and your antivirus at this point may not work. If you are worried about anything being amiss -- try booting into Safe Mode, which Conficker prevents, to check -- you should run a specialized tool to get rid of Conficker.

Microsoft offers a web-based scanner (note that some users have reported it crashed their machines; I had no trouble with it), so you might try one of these downloadable options instead: Symantec's Conficker (aka Downadup) tool, Trend Micro's Cleanup Engine, or Malwarebytes. Conficker may prevent your machine from accessing any of these websites, so you may have to download these tools from a known non-infected computer if you need them. Follow the instructions given on each site to run them successfully. (Also note: None of these tools should harm your computer if you don't have Conficker.)

As a final safety note, all users -- whether they're worried about an infection or know for sure they're clean -- are also wise to make a full data backup today.

What won't work? Turning your PC off tonight and back on on April 2 will not protect you from the worm (sorry to the dozens of people who wrote me asking if this would do the trick). Temporarily disconnecting your computer from the web won't help if the malware is already on your machine -- it will simply activate once you connect again. Changing the date on your PC will likely have no helpful effect, either. And yes, Macs are immune this time out. Follow the above instructions to detect and remove the worm.

On the Net:

List of Conficker removal programs:
http://www.confickerworkinggroup.org/wiki/pmwiki.php?nANY.RepairTools

Homeland Security's announcement of its detection tool:
http://tinyurl.com/c3petb

From: Yahoo! Technology

3/30/2009

What you need to know about the Conficker worm (Macworld.com)

If you’ve been paying attention to general computer news, you may have read about the Conficker worm, and what may (or may not) happen to Windows PCs that are infected with Conficker on April 1. The worm has received a lot of attention, leading more than a few Mac users to ask about the worm’s impact on OS X. Mac security maker Intego received so many inquiries that the company added a Conficker entry to its blog.

So, as a Mac user, how worried should you be about Conficker? The short answer to the question is that, unless you’re running Windows inside a virtual machine or via Boot Camp, you really don’t have much to fear from Conficker. It’s a worm that takes advantage of Windows systems with unapplied security patches—a population that may be as high as 30 percent of the Windows machines out there. Conficker won’t work on OS X at all, so most Mac users have nothing to fear from the worm.

If you do use Boot Camp and/or Windows inside a virtual machine, however, you should make sure your system has the latest Microsoft patches, and may want to use a third-party anti-virus utility to check to see if your installation has been infected by Conficker. Microsoft also offers a free Conficker removal tool.

What exactly does Conficker do? At the moment, nobody really seems to know. Symantec’s security researchers, for instance, theorize that the network of Conficker-infected machines will be “rented out to criminals who want to send spam, steal IDs and direct users to online scams and phishing sites.” The reality is that, because Conficker isn’t active at the moment, nobody knows how it may be used. What is known, however, is that on April 1, certain variants of Conficker will take some active steps to further protect themselves from detection and removal. Infected machines are effectively under control of those who wrote Conficker, and they can install malicious code at their discretion.

If you’re using Windows—either on your Mac or directly on a Windows PC—I strongly recommend you take the necessary steps to make sure you haven’t been infected. If you’re only using OS X, you’ve got nothing to worry about, at least relative to the Conficker worm.

from Yahoo News!

3/19/2009

Microsoft launches Internet Explorer 8

Microsoft has launched the latest version of its web browser, Internet Explorer 8 (IE8).

Microsoft says that IE8 is more secure, allows users to cut down on common tasks and will be an integral part of its forthcoming Windows 7 system.

Although IE is still the most popular browser, it faces stiff competition from Google, Firefox, Opera and others.

The release is Microsoft's first major browser update since 2006, when the company released Internet Explorer 7.