Mar 31, 2009
As you have probably heard on the news a new beastie has been making its rounds on the Net, infiltrating Windows machines and awaiting the coming of the first of April - April Fool's Day. Unfortunately, like Y2k and the Michaelangelo virus, there is an incredible amount of misinformation out there making this worm out to be The End of the Net As We Know It - to hear some of the
First and foremost, spend a few minutes learning about Conflicker.C (or .D - thanks heaps, Microsoft), Net-Worm.Win32.Kido, Win32.Worm.Downadup.Gen, or whatever your favorite AV company is calling it these days. The tireless team over at the Internet Storm Center has assembled a collection of links to good information about this worm which you should spend at least a few minutes reading. The first couple of links on their page go to pages which contain procedures for removing the malware from an infected box manually, should it come down to that. Thankfully, there are also links to nearly a dozen utilities that will locate and eradicate the malware automatically; these utilities are free and were developed by reputable companies (like Microsoft, Sophos, McAfee, and Symantec). If you're concerned that you might run into some infected machines, you might want to download one or two of them and burn them to a CD to carry around with you just in case.
I strongly suggest that you open another tab or window in your browser and go directly to Windows Update to install the latest available updates for your machine. Conflicker exploits a vulnerability in Windows 2000, XP, and Server 2003 called MS08-067 to propagate, a vulnerability which was confirmed by Microsoft in October of 2008 I hasten to add. This is not a 1337 0-day exploit, you should already have patched this bug.
Next, for the love of Alan Turing install and run antivirus software on your machine. I run Avast! Home Edition on my Windows instances. It's free to download and install but you have to register with your e-mail address to get the one year free home use license key. In the three or so years that I've been using it, not once have I ever recieved spam from Avast! at the e-mail address I registered with. The turnaround time to get the reg key is fast, on the order of a couple of minutes (if that).
Here's hoping that tomorrow won't be fun in a colonoscopy sort of way.